Check: GEN000000-AIX0310
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN000000-AIX0310
(in versions v1 r14 through v1 r10)
Title
The /etc/ftpaccess.ctl file must exist. (Cat II impact)
Discussion
The ftpaccess.ctl file contains options for the ftp daemon, such as herald, motd, user access, and permissions to files and directories. If the ftpaccess.ctl file does not exist, the ftpd process will not display any warning banners, and permissions will only be enforced using basic UNIX permissions.
Check Content
Check for the existence of the /etc/ftpaccess.ctl file. # ls -l /etc/ftpaccess.ctl If the ftpaccess.ctl file does not exist, this is a finding.
Fix Text
Create a /etc/ftpaccess.ctl file. #touch /etc/ftpaccess.ctl Add at least the herald: /path to login banner to the /etc/ftpaccess.ctl file. #vi /etc/ftpaccess.ctl
Additional Identifiers
Rule ID: SV-38750r1_rule
Vulnerability ID: V-29519
Group Title: GEN000000-AIX0310
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000032 |
The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
Controls
Number | Title |
---|---|
AC-4 (8) |
Security Policy Filters |