Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. Desktop Applications General
  3. V-6357

V-6357

Peer to Peer clients or utilities are installed.

Finding ID
DTGW003
Rule ID
SV-6430r1_rule
Severity
Cat II
CCE
(None)
Group Title
DTGW003-Peer to Peer clients or utilities are inst
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

File-sharing utilities and clients can provide the ability to share files with other users (Peer-to-Peer Sharing). This type of utility is a security risk due to the potential risk of loss of sensitive data and the broadcast of the existence of a computer to others. There are also many legal issues associated with these types of utilities including copyright infringement and intellectual property issues. These types of utilities and clients include the following examples, Napster, Gnutella, Kazaa, and Freenet. NOTE: Clients used to access an internal or DoD controlled file-sharing system are permitted.

Fix Text

Use Windows explorer to search for the files *napv.exe and Gnutella.exe. If found and they are determined to be a file sharing utility, delete them.

Check Content

Procedure: Using Windows explorer search for the following files: *napv*.exe, Gnutella.exe Criteria: If any of the files are found examine it to determine if it is a file sharing utility. If it is, this is a finding.

Responsibility

System Administrator

Vaulted is more than a library.

SIGN UP FOR FREE