An error occurred:

Check: GEN004800

IRIX 6.5: GEN004800 (in versions v1 r1 through v1 r0.99)

Title

Unencrypted FTP must not be used on the system. (Cat II impact)

Discussion

FTP is typically unencrypted and, therefore, presents confidentiality and integrity risks. FTP may be protected by encryption in certain cases, such as when used in a Kerberos environment. SFTP and FTPS are encrypted alternatives to FTP.

Check Content

Perform the following to determine if unencrypted FTP is enabled. # chkconfig If FTP is enabled, ask the SA if it is encrypted. If it is not, this is a finding.

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-12010

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings