IBM z/OS FTP.DATA configuration statements for the FTP Server must specify the BANNER statement.
DISA Rule
SV-223522r533198_rule
Vulnerability Number
V-223522
Group Title
SRG-OS-000228-GPOS-00088
Rule Version
ACF2-FT-000060
Severity
CAT II
CCI(s)
- CCI-001388 - The information system, for publicly accessible systems, includes a description of the authorized uses of the system.
- CCI-001387 - The information system, for publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities.
- CCI-001385 - The information system, for publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities.
- CCI-001386 - The information system, for publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities.
- CCI-001384 - The information system, for publicly accessible systems, displays system use information organization-defined conditions before granting further access.
Weight
10
Fix Recommendation
Configure the FTP.DATA CONFIGURATION STATEMENT to include the following:
BANNER [An HFS file, e.g., /etc/ftp.banner]
Check Contents
Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL.
If the BANNER statement is coded, this is not a finding.
Vulnerability Number
V-223522
Documentable
False
Rule Version
ACF2-FT-000060
Severity Override Guidance
Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL.
If the BANNER statement is coded, this is not a finding.
Check Content Reference
M
Target Key
4100
Comments
STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021: