Back

Configure the "tftpd service" setting to organizational standards.


CONTROL ID
04915
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • For Windows 2003 Server, the organization must configure the permissions for Trivial FTP Daemon (tftpd) to Administrators: Full Control; System: Read; and System: Start, Stop, and Pause. (Table F-2, CMS Business Partners Systems Security Manual, Rev. 10)
  • tftpd service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #6 (CCE-5743-0, Common Configuration Enumeration List, Combined XML: AIX 5.3, 5.20130214)
  • tftpd service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #6 (CCE-5838-8, Common Configuration Enumeration List, Combined XML: HP-UX 11.23, 5.20130214)
  • tftpd service should be enabled or disabled as appropriate Technical Mechanisms: via xinetd Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #6 (CCE-6202-6, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)
  • tftpd service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #6 (CCE-5831-3, Common Configuration Enumeration List, Combined XML: Sun Solaris 8, 5.20130214)
  • tftpd service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #6 (CCE-6746-2, Common Configuration Enumeration List, Combined XML: Sun Solaris 9, 5.20130214)