Title

The tftp daemon must be disabled on AIX. (Cat II impact)

Discussion

The tftp service allows remote systems to download or upload files to the tftp server without any authentication. It is therefore a service that should not run, unless needed. One of the main reasons for requiring this service to be activated is if the host is a NIM master. However, the service can be enabled and then disabled once a NIM operation has completed, rather than left running permanently.

Check Content

From the command prompt, execute the following command: # grep "^tftp[[:blank:]]" /etc/inetd.conf If there is any output from the command, this is a finding.

Fix Text

In "/etc/inetd.conf", comment out the "tftp" entry by running command: # chsubserver -r inetd -C /etc/inetd.conf -d -v 'tftp' -p 'udp' Restart inetd: # refresh -s inetd

Additional Identifiers

Rule ID: SV-215386r958478_rule

Vulnerability ID: V-215386

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.