Detections
Analytics
5.004 - Installed FTP server is configured to allow prohibited logins.
Information
The FTP (File Transfer Protocol) service allows remote users to access shared files and directories. Allowing anonymous FTP makes user auditing difficult.Using accounts that have administrator privileges to log on to FTP risks that the user id and password will be captured on the network, and give administrator access to an unauthorized user.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Configure the system to prevent an installed FTP service from allowing prohibited logons.See Also
http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip
Item Details
Audit Name: DISA Windows Vista STIG v6r41
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-29492r1_rule, STIG-ID|5.004, Vuln-ID|V-1120
Plugin: Windows
Control ID: 8ec99a4c389332e1da7bbff10392040f9d7b840c181a6fa87f7fb3a077b458d0