Profile Applicability:
• Level 1
Description:
FTP clients allow file transfers over the network using the File Transfer Protocol (FTP), which transmits data unencrypted. To minimize security risks, FTP clients should be removed or not installed, especially in secure or sensitive environments.
Rationale:
Removing FTP clients reduces the risk of unencrypted data transmission, which can expose credentials and sensitive data to interception.
Impact:
Pros:
Enhances data security by discouraging insecure file transfers.
Limits the use of outdated and insecure protocols.
Cons:
Removing FTP clients may impact legacy workflows that depend on FTP.
Default Value:
FTP clients may be installed by default on some systems.
Pre-requisites:
Root or sudo privileges to uninstall packages.
Remediation:
Test Plan:
Using Linux command line:
Check if FTP client is installed:
RPM-based systems:
rpm -q ftp
Debian-based systems:
dpkg -l | grep ftp
Confirm FTP client package presence.
Implementation Plan:
Using Linux command line:
1. Remove FTP client package if installed:
RPM-based:
yum remove ftp -y
Debian-based:
apt remove ftp -y
2. Verify removal:
rpm -q ftp # or dpkg -l | grep ftp
Backout Plan:
Using Linux command line:
1. Reinstall FTP client if needed:
RPM-based:
yum install ftp -y
Debian-based:
apt install ftp -y
2. Confirm successful installation.
References:
CIS Amazon Linux 2 Benchmark v3.0.0