Navigate

Check: IBMZ-VM-000680

IBM zVM STIG: IBMZ-VM-000680 (in version v1 r0.1)

Title

The IBM z/VM TCP/IP ANONYMOU statement must not be coded in FTP configuration. (Cat II impact)

Discussion

Operating systems utilizing encryption are required to use FIPS-compliant mechanisms for authenticating to cryptographic modules.

Check Content

If there is no FTP Server active, this is not applicable. Examine the “DTCPARM” file for each active FTP server. If there is: Anonymous or: Anonymous statement, this is a finding. Examine the “FTPSERV” Command if “ANONYMOU” is coded, this is a finding.

Fix Text

Ensure the :ANONYMOUS or :ANONYMOU statement is not coded in the “DTCPARMS” or “FTPDERV” command.

Additional Identifiers

Rule ID:

Vulnerability ID: IBMZ-VM-000680

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000804	The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
IA-8	Identification And Authentication (Non-Organizational Users)