Profile Applicability:
 • Level 1

Description:
 The Trivial File Transfer Protocol (TFTP) server provides a simplified file transfer service. If not required, disabling TFTP services reduces the attack surface and prevents unauthorized file transfers over the network.

Rationale:
 Disabling unused TFTP services limits exposure to network-based attacks and prevents unauthorized access or data leakage.

Impact:
 Pros:

  • Reduces risk of unauthorized file transfers.

  • Minimizes unnecessary network services running on the system.

 Cons:

  • Disabling TFTP may impact legitimate services relying on it.

Default Value:
 TFTP server services may be enabled or running by default on some systems.

Pre-requisites:

  • Root or sudo privileges to manage system services.

Remediation:

Test Plan:

Using Linux command line:

1. Check if TFTP service is enabled:

systemctl is-enabled tftp  
systemctl is-enabled tftp.socket

2. Check if TFTP service is running:

systemctl status tftp  
systemctl status tftp.socket

Implementation Plan:

Using Linux command line:

1. Disable TFTP services:

systemctl disable tftp  
systemctl disable tftp.socket

2. Stop running TFTP services:

systemctl stop tftp  
systemctl stop tftp.socket

3. Verify services are disabled and stopped:

systemctl is-enabled tftp  
systemctl is-enabled tftp.socket  
systemctl status tftp  
systemctl status tftp.socket
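
The Test Plan checks and the verification in step 3 can be run as one scripted audit. This is an added example, not part of the benchmark text; the function names, the "not-found" label and the SYSTEMCTL override variable are assumptions of this sketch. It uses systemctl is-active instead of systemctl status so each result is a single word.

```shell
#!/bin/sh
# Added example: audit tftp.service and tftp.socket in one pass.
# SYSTEMCTL is an assumption of this sketch; it lets the audit be pointed
# at a stub command for testing instead of the real systemctl.
SYSTEMCTL=${SYSTEMCTL:-systemctl}
TFTP_UNITS="tftp.service tftp.socket"

# unit_state VERB UNIT: print the one-word state reported by systemctl.
# is-enabled and is-active exit non-zero for "disabled" and "inactive",
# so the exit code is ignored and only stdout is read. Empty output
# (unit file not installed) is reported as "not-found".
unit_state() {
    state=$("$SYSTEMCTL" "$1" "$2" 2>/dev/null) || true
    printf '%s\n' "${state:-not-found}"
}

# audit_tftp: print one verdict line per unit.
# Returns 0 only if no unit is enabled and no unit is active.
audit_tftp() {
    rc=0
    for unit in $TFTP_UNITS; do
        enabled=$(unit_state is-enabled "$unit")
        active=$(unit_state is-active "$unit")
        verdict=PASS
        # "enabled" and "enabled-runtime" both mean the unit starts on its own.
        case $enabled in enabled*) verdict=FAIL ;; esac
        # An active socket unit is listening even when the service is inactive.
        case $active in active|activating|reloading) verdict=FAIL ;; esac
        [ "$verdict" = PASS ] || rc=1
        printf '%s %s enabled=%s active=%s\n' "$verdict" "$unit" "$enabled" "$active"
    done
    return $rc
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then
    audit_tftp
    exit $?
fi
```

A FAIL line for tftp.socket with the service line passing means socket activation is still in place, so the service would be started again on the next incoming request.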

Backout Plan:

Using Linux command line:

1. Enable and start TFTP services if required:

systemctl enable tftp  
systemctl start tftp  
systemctl enable tftp.socket  
systemctl start tftp.socket

2. Verify service status.

References:

  • CIS Amazon Linux 2 Benchmark v3.0.0

  • Systemd Service Management