Check: AOSX-09-000139
Apple OS X 10.9 Workstation STIG:
AOSX-09-000139
(in version v1 r2)
Title
SMB File Sharing must be disabled. (Cat II impact)
Discussion
File Sharing is non-essential and must be disabled. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.
Check Content
SMB File Sharing must be disabled. To check if SMB File Sharing is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c 'print com.apple.smbd:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't 'true', this is a finding.
Fix Text
To disable SMB File Sharing, run the following command: sudo defaults write /private/var/db/launchd.db/com.apple.launchd/overrides.plist 'com.apple.smbd' -dict Disabled -bool true
Additional Identifiers
Rule ID: SV-72725r1_rule
Vulnerability ID: V-58295
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |