2.4.8 Disable File Sharing - SMB

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

By disabling file sharing, the remote attack surface and risk of unauthorized access to files stored on the system is reduced.

Solution

Perform the following to implement the prescribed state:
Run the following command in Terminal to turn off AFP from the command line:
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.AppleFileServer.plist
Run the following command in Terminal to turn off SMB sharing from the CLI:
sudo defaults delete /Library/Preferences/SystemConfiguration/com.apple.smb.server EnabledServices
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.smbd.plist

See Also

https://benchmarks.cisecurity.org/tools2/osx/CIS_Apple_OSX_10.11_Benchmark_v1.0.0.pdf

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CSCv6|9.1

Plugin: Unix

Control ID: 3ba4dab8b7815a969b0aa9fc4c8ce2e714aab7900144c1a17ee2a705e39871e7