Check: RHEL-06-000347
Red Hat Enterprise Linux 6 STIG: RHEL-06-000347 (in versions v2 r2 through v1 r14)
Title
There must be no .netrc files on the system. (Cat II impact)
Discussion
Unencrypted passwords for remote FTP servers may be stored in ".netrc" files. DoD policy requires passwords be encrypted in storage and not used in access scripts.
Check Content
To check the system for the existence of any ".netrc" files, run the following command:

$ sudo find /root /home -xdev -name .netrc

If any .netrc files exist, this is a finding.
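The following is an added example, not part of the STIG text. It wraps the same find check and goes slightly beyond it by reporting, for each ".netrc" found, the owner, the mode, and whether a "password" token is present, without ever printing the stored secret. The function name audit_netrc and the output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not STIG text). audit_netrc is a hypothetical helper name.
# Usage: audit_netrc DIR...    e.g. sudo sh -c '. ./audit_netrc.sh; audit_netrc /root /home'
# Prints one line per .netrc found: path, owner, mode, and whether the file
# holds a "password" token. The secret itself is never printed.
# Returns 1 if any .netrc exists (a finding), 0 if none, 2 on setup failure.
audit_netrc() {
    findings=0
    tmp=$(mktemp) || return 2
    # -xdev keeps find on the starting filesystem, as in the STIG check.
    # Missing or unreadable start directories are skipped, not fatal.
    find "$@" -xdev -name .netrc -print 2>/dev/null > "$tmp" || true
    while IFS= read -r f; do
        findings=$((findings + 1))
        # stat -c is the GNU coreutils form shipped with RHEL.
        owner=$(stat -c '%U' "$f" 2>/dev/null || echo unknown)
        mode=$(stat -c '%a' "$f" 2>/dev/null || echo unknown)
        # netrc tokens are whitespace separated; the word after
        # "password" is the cleartext secret.
        if grep -Eq '(^|[[:space:]])password([[:space:]]|$)' "$f" 2>/dev/null; then
            has_pw=yes
        else
            has_pw=no
        fi
        printf 'FINDING %s owner=%s mode=%s password_token=%s\n' \
            "$f" "$owner" "$mode" "$has_pw"
    done < "$tmp"
    rm -f "$tmp"
    # Any .netrc is a finding under RHEL-06-000347, with or without a password.
    [ "$findings" -eq 0 ]
}
```

A file reported with password_token=no is still a finding under this rule; the extra column only helps prioritise which remote credentials to rotate after removal.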
Fix Text
".netrc" files contain logon information used to log on automatically to FTP servers and reside in the user's home directory. These files may contain unencrypted passwords to remote FTP servers, making them susceptible to access by unauthorized users, and should not be used. Any ".netrc" files should be removed.
Additional Identifiers
Rule ID: SV-218078r603264_rule
Vulnerability ID: V-218078
Group Title: SRG-OS-000073
CCIs
Number | Definition |
---|---|
CCI-000196 | The information system, for password-based authentication, stores only cryptographically-protected passwords. |
Controls
Number | Title |
---|---|
IA-5(1) | Password-based Authentication |