STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The TFTP service must not be running.

DISA Rule

SV-219559r603263_rule

Vulnerability Number

V-219559

Group Title

SRG-OS-000095

Rule Version

OL6-00-000223

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

The "tftp" service should be disabled. The "tftp" service can be disabled with the following command:

# chkconfig tftp off

Check Contents

To check that the "tftp" service is disabled in system boot configuration, run the following command:

# chkconfig "tftp" --list

Output should indicate the "tftp" service has either not been installed, or has been disabled, as shown in the example below:

# chkconfig "tftp" --list
tftp off
OR
error reading information on service tftp: No such file or directory

If the service is running, this is a finding.

Vulnerability Number

V-219559

Documentable

False

Rule Version

OL6-00-000223

Severity Override Guidance

To check that the "tftp" service is disabled in system boot configuration, run the following command:

# chkconfig "tftp" --list

Output should indicate the "tftp" service has either not been installed, or has been disabled, as shown in the example below:

# chkconfig "tftp" --list
tftp off
OR
error reading information on service tftp: No such file or directory

If the service is running, this is a finding.

Check Content Reference

M

Target Key

2928

Comments