STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

IBM z/VM TCP/IP config file INTERNALCLIENTPARMS statement must be properly configured.

DISA Rule

SV-93645r1_rule

Vulnerability Number

V-78939

Group Title

SRG-OS-000297-GPOS-00115

Rule Version

IBMZ-VM-001060

Severity

CAT II

CCI(s)

• CCI-002314 - The information system controls remote access methods.

Weight

10

Fix Recommendation

Configure the TCP/IP config “INTERNALCLIENTPARM” statement to include the following:

PORTNUM <secure FTP PORT Number>
SECURECONNECTION REQUIRED
CLIENTCERTCHECK FULL

Check Contents

Examine the TCP/IP config file “INTERNALCLIENTPARMS” statement.

If the following “INTERNALCLIENTPARMS” sub statement are included, this is not a finding.

PORT Num not 20 or 21
SECURECONNECTION REQUIRED
CLIENTCERTCHECK FULL

Vulnerability Number

V-78939

Documentable

False

Rule Version

IBMZ-VM-001060

Severity Override Guidance

Examine the TCP/IP config file “INTERNALCLIENTPARMS” statement.

If the following “INTERNALCLIENTPARMS” sub statement are included, this is not a finding.

PORT Num not 20 or 21
SECURECONNECTION REQUIRED
CLIENTCERTCHECK FULL

Check Content Reference

M

Target Key

3211

Comments