The FTP daemon must not be installed unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-216290 | SOL-11.1-020130 | SV-216290r959010_rule | CCI-000366 | high |
| Description | ||||
| FTP is an insecure protocol. | ||||
| STIG | Date | |||
| Solaris 11 SPARC Security Technical Implementation Guide | 2025-05-05 | |||
Details
Check Text (C-216290r959010_chk)
Determine if the FTP package is installed.
# pkg list service/network/ftp
If an installed package named "service/network/ftp" is listed and not required for operations, this is a finding.
Fix Text (F-17524r370959_fix)
The Software Installation Profile is required.
# pfexec pkg uninstall service/network/ftp