GEN003865 - Network analysis tools must not be installed - 'ethereal'

Information

Network analysis tools allow for the capture of network traffic visible to the system.

If the system is being used as a network analysis/troubleshooting system then these tools are allowed if documented.

Solution

Remove each network analysis tool binary from the system. Remove package items with a package manager, others remove the binary directly.

Procedure:
Find the binary file:
# find / -name <Item to be removed>

Find the package, if any, to which it belongs:
# rpm -qf <binary file>

Remove the package if it does not also include other software:
# rpm -e <package name>
or
# yum remove <package name>

If the item to be removed is not in a package, or the entire package cannot be removed because of other software it provides, remove the item's binary file.

# rm <binary file>

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|II, CCI|CCI-000305, Group-ID|V-12049, Rule-ID|SV-37446r2_rule, STIG-ID|GEN003865, Vuln-ID|V-12049

Plugin: Unix

Control ID: 5c4f3426d65e6d19b703513f2c3a589805d3b5118ea69b678e13b450e1599095