FTP denied users (UNIX)

Module: Network Integrity

This check reports users that are denied FTP access to the system. Use the name list to exclude or include users for the check.

The following table lists the error messages for the check.

Table: Error messages for FTP denied users

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_NOFTPUSERS Category: Change Notification	UNIX (6335)	Title: No ftpusers file on your system Description:The ftpusers file does not exist on your system. This is a security problem because the ftpusers file is used to prevent specific accounts from using FTP. In normal operations, some accounts should be denied access to FTP. This includes the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should create the ftpusers file and add these accounts to it.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_FTPDENIED Category: Change Notification	UNIX (6337)	Title: User denied access to FTP Description:The named user is denied access to FTP. Denied users should include the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should add any user accounts that should be denied FTP access to the ftpusers file.	Severity: green-0 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_NOFTPUSERS

Category: Change Notification

UNIX (6335)

Title: No ftpusers file on your system

Description:The ftpusers file does not exist on your system. This is a security problem because the ftpusers file is used to prevent specific accounts from using FTP. In normal operations, some accounts should be denied access to FTP. This includes the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should create the ftpusers file and add these accounts to it.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_FTPDENIED

Category: Change Notification

UNIX (6337)

Title: User denied access to FTP

Description:The named user is denied access to FTP. Denied users should include the root account, any guest accounts, uucp accounts, accounts with restricted shells, and any other account that should not be copying files across the network. You should add any user accounts that should be denied FTP access to the ftpusers file.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]