InformationThe operating system must not have the Trivial File Transfer Protocol (TFTP) server package installed if not required for operational support.
If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
SolutionRemove the TFTP package from the system with the following command:
# yum remove tftp-server
This Benchmark recommendation maps to:
Red Hat Enterprise Linux 7 Security Technical Implementation Guide:
Version 2, Release: 3 Benchmark Date: 26 Apr 2019
Vul ID: V-72301
Rule ID: SV-86925r2_rule
STIG ID: RHEL-07-040700
Severity: CAT I