Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. Infrastructure L3 Switch Security Technical Implementation Guide
  3. V-14668

V-14668

FTP servers on the device must be disabled.

Finding ID
NET0742
Rule ID
SV-15310r2_rule
Severity
Cat II
CCE
(None)
Group Title
FTP server is not disabled
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

The additional services enabled on a router increases the risk for an attack since the router will listen for these services. In addition, these services provide an unsecured method for an attacker to gain access to the router.

Fix Text

Disable FTP server services on the device.

Check Content

Review the device configuration to determine if the device has been setup to be an FTP server. If the device has been configured to be an FTP server, this is a finding.

Responsibility

Information Assurance Officer

Vaulted is more than a library.

SIGN UP FOR FREE