GEN004820 - Anonymous FTP must not be active on the system unless authorized.

Information

Due to the numerous vulnerabilities inherent in anonymous FTP, it is not recommended. If anonymous FTP must be used on a system, the requirement must be authorized and approved in the system accreditation package.

Solution

Configure the FTP service to not permit anonymous logins.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-22c., 800-53|CM-7a., CAT|II, CCI|CCI-000381, CCI|CCI-001475, Rule-ID|SV-218555r603259_rule, STIG-ID|GEN004820, STIG-Legacy|SV-62955, STIG-Legacy|V-846, Vuln-ID|V-218555

Plugin: Unix

Control ID: 844b015171b013e2c078d2028c32e66a1a484436e0e8aa3d1da5187f3d6df206