Check: ACF2-FT-000060
IBM z/OS ACF2 STIG:
ACF2-FT-000060
(in versions v9 r2 through v7 r1)
Title
IBM z/OS FTP.DATA configuration statements for the FTP Server must specify the BANNER statement. (Cat II impact)
Discussion
The structure and content of error messages must be carefully considered by the organization and development team. The extent to which the information system is able to identify and handle error conditions is guided by organizational policy and operational requirements.
Check Content
Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL. If the BANNER statement is coded, this is not a finding.
Fix Text
Configure the FTP.DATA CONFIGURATION STATEMENT to include the following: BANNER [An HFS file, e.g., /etc/ftp.banner]
Additional Identifiers
Rule ID: SV-223522r958586_rule
Vulnerability ID: V-223522
Group Title: SRG-OS-000228-GPOS-00088
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001384 |
For publicly accessible systems, display system use information with organization-defined conditions before granting further access to the publicly accessible system. |
| CCI-001385 |
For publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
| CCI-001386 |
For publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
| CCI-001387 |
For publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
| CCI-001388 |
For publicly accessible systems, includes a description of the authorized uses of the system. |
Controls
| Number | Title |
|---|---|
| AC-8 |
System Use Notification |