An error occurred:

Check: GEN006080

HP-UX 11.31 STIG: GEN006080 (in versions v1 r19 through v1 r13)

Title

The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL. (Cat II impact)

Discussion

SWAT is a tool used to configure Samba. As it modifies Samba configuration, which can impact system security, it must be protected from unauthorized access. SWAT authentication may involve the root password, which must be protected by encryption when traversing the network. Restricting access to the local host allows for the use of SSH TCP forwarding, if configured, or administration by a web browser on the local system.

Check Content

Determine if the CIFS (HP SAMBA) bundle is installed (SWAT is included). # swlist -l bundle | egrep -i "CIFS-CLIENT|CIFS-SERVER" If the HP bundle is not installed, this is not applicable. If the HP bundle is installed, ask the SA if the Samba Web Administration Tool (SWAT) has been configured to use SSL. If SWAT is not configured to use SSL, this is a finding.

Fix Text

Disable SWAT. # chmod 0000 <path>/swat OR # rm -i <path>/swat

Additional Identifiers

Rule ID: SV-35211r1_rule

Vulnerability ID: V-1026

Group Title: GEN006080

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001436

The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check