The FTP daemon must not be installed unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-216055 | SOL-11.1-020130 | SV-216055r959010_rule | CCI-000366 | high |
| Description | ||||
| FTP is an insecure protocol. | ||||
| STIG | Date | |||
| Solaris 11 X86 Security Technical Implementation Guide | 2025-05-05 | |||
Details
Check Text (C-216055r959010_chk)
Determine if the FTP package is installed.
# pkg list service/network/ftp
If an installed package named "service/network/ftp" is listed and not required for operations, this is a finding.
Fix Text (F-17291r372548_fix)
The Software Installation Profile is required.
# pfexec pkg uninstall service/network/ftp