GEN004800 - Unencrypted FTP must not be used on the system - 'telnet is disabled'

Information

FTP is typically unencrypted and, therefore, presents confidentiality and integrity risks. FTP may be protected by encryption in certain cases, such as when used in a Kerberos environment. SFTP and FTPS are encrypted alternatives to FTP.

Solution

Edit /etc/inetd.conf and comment out or remove the ftp and telnet service lines.
# vi /etc/inetd.conf
Restart the inetd service.
# refresh -s inetd

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-39176r1_rule, STIG-ID|GEN004800, Vuln-ID|V-12010

Plugin: Unix

Control ID: 4a8cbdb2c6ff472f021f36e825d9925ad4cb9443bd3c01cd202672b5d84ba11d