======6.2.12 Ensure no users have .netrc files (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''.netrc'' file contains data for logging into a remote host for file transfers via FTP.

=====Rationale=====
The ''.netrc'' file presents a significant security risk since it stores passwords in unencrypted form. Even if FTP is disabled, user accounts may have brought over ''.netrc'' files from other systems which could pose a risk to those systems.

=====Audit===== 
Run the following script and verify no results are returned:
<Code:bash>
#!/bin/bash 
for dir in `cat /etc/passwd |\ awk -F: '{ print $6 }'`; do
  if [ ! -h "$dir/.netrc" -a -f "$dir/.netrc" ]; then
    echo ".netrc file $dir/.netrc exists" 
  fi 
done
</Code>

=====Remediation=====
Making global modifications to users' files without alerting the user community can result in unexpected outages and unhappy users. Therefore, it is recommended that a monitoring policy be established to report user ''.netrc'' files and determine the action to be taken in accordance with site policy.