Navigate

Check: GEN003865

SUSE Linux Enterprise Server v11 for System z STIG: GEN003865 (in versions v1 r12 through v1 r9)

Title

Network analysis tools must not be installed. (Cat II impact)

Discussion

Network analysis tools allow for the capture of network traffic visible to the system.

Check Content

Determine if any network analysis tools are installed. Procedure: # find / -name ethereal # find / -name wireshark # find / -name tshark # find / -name netcat # find / -name tcpdump # find / -name snoop If any network analysis tools are found, this is a finding.

Fix Text

Remove each network analysis tool binary from the system. Remove package items with a package manager, others remove the binary directly. Procedure: Find the binary file: # find / -name <Item to be removed> Find the package, if any, to which it belongs: # rpm -qf <binary file> Remove the package if it does not also include other software: # rpm -e <package name> # SuSEconfig If the item to be removed is not in a package, or the entire package cannot be removed because of other software it provides, remove the item's binary file. # rm <binary file>

Additional Identifiers

Rule ID: SV-45811r1_rule

Vulnerability ID: V-12049

Group Title: GEN003865

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000305	The organization develops a list of software programs not authorized to execute on the information system.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check