Differences

This shows you the differences between two versions of the page.

Link to this comparison view

centos7:2:2:19 [2017/05/04 14:58] (current)
Line 1: Line 1:
 +======2.2.19 Ensure tftp server is not enabled (Scored)======
 +=====Profile Applicability=====  ​
 +<​code>​
 +Level 1 - Server
 +Level 1 - Workstation ​
 +</​code>​
  
 +=====Description=====
 +Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol, typically used to automatically transfer configuration or boot machines from a boot server. The packages ''​tftp''​ and ''​atftp''​ are both used to define and support a TFTP server.
 +
 +=====Rationale=====
 +TFTP does not support authentication nor does it ensure the confidentiality or integrity of data. It is recommended that TFTP be removed, unless there is a specific need for TFTP. In that case, extreme caution must be used when configuring the services.
 +
 +=====Audit===== ​
 +Run the following command and verify result is not "​enabled":​
 +<​Code:​bash>​
 +# systemctl is-enabled tftp.socket
 +disabled
 +</​Code>​
 +
 +=====Remediation===== ​
 +Run the following commands to disable ''​tftp'':​
 +<​Code:​bash>​
 +# systemctl disable tftp.socket
 +</​Code>​