STIGQter: STIG Summary: Canonical Ubuntu 16.04 Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020: If the Trivial File Transfer Protocol (TFTP) server is required, the TFTP daemon must be configured to operate in secure mode.SV-90579r1_rule
V-75899
SRG-OS-000480-GPOS-00227
UBTU-16-030730
CAT II
10
Configure the Trivial File Transfer Protocol (TFTP) daemon to operate in the secure mode by adding the "--secure" option to TFTP_OPTIONS in /etc/default/tftpd-hpa and restart the tftpd daemon.
Verify the Trivial File Transfer Protocol (TFTP) daemon is configured to operate in secure mode.
Check to see if a TFTP server has been installed with the following commands:
# dpkg -l | grep tftpd-hpa
ii tftpd-hpa 5.2+20150808-1Ubuntu1.16.04.1
If a TFTP server is not installed, this is Not Applicable.
If a TFTP server is installed, check for the server arguments with the following command:
# grep TFTP_OPTIONS /etc/default/tftpd-hpa
TFTP_OPTIONS="--secure"
If "--secure" is not listed in the TFTP_OPTIONS, this is a finding.
V-75899
False
UBTU-16-030730
Verify the Trivial File Transfer Protocol (TFTP) daemon is configured to operate in secure mode.
Check to see if a TFTP server has been installed with the following commands:
# dpkg -l | grep tftpd-hpa
ii tftpd-hpa 5.2+20150808-1Ubuntu1.16.04.1
If a TFTP server is not installed, this is Not Applicable.
If a TFTP server is installed, check for the server arguments with the following command:
# grep TFTP_OPTIONS /etc/default/tftpd-hpa
TFTP_OPTIONS="--secure"
If "--secure" is not listed in the TFTP_OPTIONS, this is a finding.
M
3075