2.2.9 Ensure FTP Server is not enabled (Scored)

Level 1 - Server
Level 1 - Workstation 

The File Transfer Protocol (FTP) provides networked computers with the ability to transfer files.

FTP does not protect the confidentiality of data or authentication credentials. It is recommended sftp be used if file transfer is required. Unless there is a need to run the system as a FTP server (for example, to allow anonymous downloads), it is recommended that the package be deleted to reduce the potential attack surface.

Run the following commands to verify vsftpd is not enabled:

# systemctl is-enabled vsftpd

Verify result is not “enabled”.

Run the following command to disable vsftpd:

# systemctl disable vsftpd

Additional FTP servers also exist and should be audited.

  • centos7/2/2/9.txt
  • Last modified: 2017/05/04 16:47
  • by Piotr Kłoczewski