Network analysis tools must not be installed.


Finding ID: V-12049
Version: GEN003865
Rule ID: SV-64029r2_rule
IA Controls:
Severity: Medium
Network analysis tools allow for the capture of network traffic visible to the system. If the system is being used as a network analysis/troubleshooting system, these tools are allowed if documented.
Oracle Linux 5 Security Technical Implementation Guide 2016-12-20


Check Text (C-52611r2_chk)
Determine if any network analysis tools are installed.


# find / -name ethereal
# find / -name wireshark
# find / -name tshark
# find / -name nc
# find / -name tcpdump
# find / -name snoop

If any network analysis tools are found, this is a finding.
Fix Text (F-54731r4_fix)
Remove each network analysis tool binary from the system. Remove packaged items with a package manager; for others, remove the binary directly.

Find the binary file:

# find / -name <tool name>

Find the package, if any, to which it belongs:

# rpm -qf <binary file>

Remove the package if it does not also include other software:

# rpm -e <package name>

or

# yum remove <package name>

If the item to be removed is not in a package, or the entire package cannot be removed because of other software it provides, remove the item's binary file.

# rm <binary file>
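
The check and the first two fix steps above, combined into one audit script as an added example (not part of the STIG text); the function names and the tab-separated report format are assumptions. It matches only regular files and symlinks, so a directory that happens to be named nc is not reported.

```shell
#!/bin/sh
# Added example, not STIG text. Function names and report format are assumptions.
TOOLS="ethereal wireshark tshark nc tcpdump snoop"   # names from the check text

# Print each regular file or symlink under $1 whose name is exactly a listed tool.
# Unlike a bare "find / -name nc", directories with a matching name are skipped.
find_tools() {
    root=$1
    set --                                  # build: -name a -o -name b ...
    for t in $TOOLS; do
        if [ $# -gt 0 ]; then set -- "$@" -o; fi
        set -- "$@" -name "$t"
    done
    find "$root" \( -type f -o -type l \) \( "$@" \) -print 2>/dev/null
}

# Owning package per "rpm -qf", or "unpackaged" when rpm does not own the file
# (or rpm is not present on the host running the audit).
owner_of() {
    if command -v rpm >/dev/null 2>&1 && pkg=$(rpm -qf "$1" 2>/dev/null); then
        printf '%s\n' "$pkg"
    else
        printf 'unpackaged\n'
    fi
}

# Report one tab-separated line per hit; return 1 if anything was found.
audit() {
    report=$(find_tools "${1:-/}" | while IFS= read -r path; do
        printf 'FINDING\t%s\t%s\n' "$path" "$(owner_of "$path")"
    done)
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    echo "No network analysis tools found."
}

# Run as: sh audit.sh --run [search-root]
if [ "${1:-}" = "--run" ]; then audit "${2:-/}"; fi
```

Hits that show a package name are candidates for rpm -e or yum remove; hits marked unpackaged fall under the final rm step.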