2.1.3 Ensure the TFTP server has not been installed

Information

The operating system must not have the Trivial File Transfer Protocol (TFTP) server package installed if not required for operational support.

Rationale:

If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.

Solution

Remove the TFTP package from the system with the following command:

# yum remove tftp-server

Notes:

This Benchmark recommendation maps to:

Red Hat Enterprise Linux 7 Security Technical Implementation Guide:

Version 2, Release: 3 Benchmark Date: 26 Apr 2019



Vul ID: V-72301

Rule ID: SV-86925r2_rule

STIG ID: RHEL-07-040700

Severity: CAT I

See Also

https://workbench.cisecurity.org/files/2688

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv7|9.2

Plugin: Unix

Control ID: 18b9e6390a4dfa0a59fefb162d33caa9c626b7831b78cd0847bd06bc9daa72db