STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS FTP.DATA configuration for the FTP server must have the INACTIVE statement properly set.

DISA Rule

SV-223980r561402_rule

Vulnerability Number

V-223980

Group Title

SRG-OS-000163-GPOS-00072

Rule Version

TSS0-FT-000080

Severity

CAT II

CCI(s)

• CCI-001133 - The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Code the FTPD configuration file to include the INACTIVE statement with a value between "1" and "600".

Check Contents

Refer to the file specified on the SYSFTPD DD statement in the FTP started task JCL.

If the INACTIVE statement is coded with a value greater than "600", this is a finding.

If the INACTIVE statement is coded with a value of "0", this is a finding.

If there is no INACTIVE statement coded or the INACTIVE statement is commented out, this is a finding.

Vulnerability Number

V-223980

Documentable

False

Rule Version

TSS0-FT-000080

Severity Override Guidance

Refer to the file specified on the SYSFTPD DD statement in the FTP started task JCL.

If the INACTIVE statement is coded with a value greater than "600", this is a finding.

If the INACTIVE statement is coded with a value of "0", this is a finding.

If there is no INACTIVE statement coded or the INACTIVE statement is commented out, this is a finding.

Check Content Reference

M

Target Key

4102

Comments