Check: AOSX-09-000140
Apple OS X 10.9 Workstation STIG:
AOSX-09-000140
(in version v1 r2)
Title
Apple File (AFP) Sharing must be disabled. (Cat II impact)
Discussion
File Sharing is non-essential and must be disabled. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.
Check Content
Apple File (AFP) Sharing must be disabled. To check if Apple File (AFP) Sharing is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c 'print com.apple.AppleFileServer:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't 'true', this is a finding.
Fix Text
To disable Apple File (AFP) Sharing, run the following command: sudo defaults write /private/var/db/launchd.db/com.apple.launchd/overrides.plist 'com.apple.AppleFileServer' -dict Disabled -bool true
Additional Identifiers
Rule ID: SV-72727r1_rule
Vulnerability ID: V-58297
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |