2.4.8 Disable File Sharing - AppleFileServer

Information

By disabling file sharing, the remote attack surface and risk of unauthorized access to files stored on the system is reduced.

Solution

Perform the following to implement the prescribed state:
Run the following command in Terminal to turn off AFP from the command line:
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.AppleFileServer.plist
Run the following command in Terminal to turn off SMB sharing from the CLI:
sudo defaults delete /Library/Preferences/SystemConfiguration/com.apple.smb.server EnabledServices
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/nmbd.plist
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/smbd.plist

See Also

https://workbench.cisecurity.org/files/300

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|9.1

Plugin: Unix

Control ID: d2dcd49aad90dfaf8eadb5ad049a03827627168eda521eeadb289076e3cd096f