STIGQter STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: Anonymous FTP must not be active on the system unless authorized.

DISA Rule

SV-846r2_rule

Vulnerability Number

V-846

Group Title

GEN004820

Rule Version

GEN004820

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the FTP service to not permit anonymous logins.

Check Contents

Attempt to log into this host with a user name of anonymous and a password of guest (also try the password of guest@mail.com). If the logon is successful, this is a finding.

Procedure:
# ftp localhost
Name: anonymous
530 Guest login not allowed on this machine.

Vulnerability Number

V-846

Documentable

True

Rule Version

GEN004820

Severity Override Guidance

Attempt to log into this host with a user name of anonymous and a password of guest (also try the password of guest@mail.com). If the logon is successful, this is a finding.

Procedure:
# ftp localhost
Name: anonymous
530 Guest login not allowed on this machine.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1386

Comments