FTP allowed users (UNIX)

Module: Network Integrity

This check reports users that are allowed FTP access to the system. Use the name list to exclude or include users for the check.

The following table lists the error messages for the check.

Table: Error messages for FTP allowed users

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_NOFTPUSERS Category: Change Notification	UNIX (6335)	Title: No ftpusers file on your system Description:The ftpusers file does not exist on your system. This is a security problem because the ftpusers file is used to prevent specific accounts from using FTP. In normal operations, some accounts should be denied access to FTP. This includes the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should create the ftpusers file and add these accounts to it.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_USERCANFTP Category: Change Notification	UNIX (6336)	Title: User permitted to use FTP Description:The named user has access to FTP. This user can use FTP to transfer files to and from other systems. You should add any user accounts that should be denied FTP access to the ftpusers file.	Severity: green-0 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_NOFTPUSERS

Category: Change Notification

UNIX (6335)

Title: No ftpusers file on your system

Description:The ftpusers file does not exist on your system. This is a security problem because the ftpusers file is used to prevent specific accounts from using FTP. In normal operations, some accounts should be denied access to FTP. This includes the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should create the ftpusers file and add these accounts to it.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_USERCANFTP

Category: Change Notification

UNIX (6336)

Title: User permitted to use FTP

Description:The named user has access to FTP. This user can use FTP to transfer files to and from other systems. You should add any user accounts that should be denied FTP access to the ftpusers file.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]