GEN004820 - Anonymous FTP must not be active on the system unless authorized.

Information

Due to the numerous vulnerabilities inherent in anonymous FTP, it is recommended that it not be used. If anonymous FTP must be used on a system, the requirement must be authorized and approved in the system accreditation package.

Solution

Remove user 'anonymous' from /etc/passwd.

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-22c., CAT|II, CCI|CCI-001475, Group-ID|V-846, Rule-ID|SV-40086r1_rule, STIG-ID|GEN004820, Vuln-ID|V-846

Plugin: Unix

Control ID: 2c7090820c50ad497df49dfd73d46f3b245b34ce88495413ccff9629a5ec80c9