The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL.

From HP-UX 11.31 Security Technical Implementation Guide

Associated with IA controls: EBRP-1

Associated with: CCI-001436

SV-35211r1_rule The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL.

Vulnerability discussion

SWAT is a tool used to configure Samba. As it modifies Samba configuration, which can impact system security, it must be protected from unauthorized access. SWAT authentication may involve the root password, which must be protected by encryption when traversing the network.Restricting access to the local host allows for the use of SSH TCP forwarding, if configured, or administration by a web browser on the local system.

Check content

Determine if the CIFS (HP SAMBA) bundle is installed (SWAT is included). # swlist -l bundle | egrep -i "CIFS-CLIENT|CIFS-SERVER" If the HP bundle is not installed, this is not applicable. If the HP bundle is installed, ask the SA if the Samba Web Administration Tool (SWAT) has been configured to use SSL. If SWAT is not configured to use SSL, this is a finding.

Fix text

Disable SWAT. # chmod 0000 /swat OR # rm -i /swat

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.