The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.

From Oracle Linux 6 Security Technical Implementation Guide

Part of SRG-OS-000023

Associated with: CCI-000048

SV-64847r2_rule The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.

Vulnerability discussion

This setting will cause the system greeting banner to be used for FTP connections as well.

Check content

To verify this configuration, run the following command: grep "banner_file" /etc/vsftpd/vsftpd.conf The output should show the value of "banner_file" is set to "/etc/issue", an example of which is shown below. # grep "banner_file" /etc/vsftpd/vsftpd.conf banner_file=/etc/issue If it does not, this is a finding.

Fix text

Edit the vsftpd configuration file, which resides at "/etc/vsftpd/vsftpd.conf" by default. Add or correct the following configuration options. banner_file=/etc/issue Restart the vsftpd daemon. # service vsftpd restart

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer