Profile Applicability:
• Level 1
Description:
The Trivial File Transfer Protocol (TFTP) client allows unencrypted file transfers over the network. Removing the TFTP client reduces security risks associated with the use of this insecure protocol.
Rationale:
Removing TFTP clients prevents unencrypted file transfers that can expose sensitive data to interception or manipulation.
Impact:
Pros:
Enhances data security by eliminating insecure transfer methods.
Limits potential network attack vectors.
Cons:
May affect legacy applications or workflows that rely on TFTP.
Default Value:
TFTP client packages may be installed by default on some systems.
Pre-requisites:
Root or sudo privileges to uninstall packages.
Remediation:
Test Plan:
Using Linux command line:
1. Check if TFTP client is installed:
RPM-based systems:
rpm -q tftp
Debian-based systems:
dpkg -l | grep tftp
2. Confirm presence of TFTP client package.
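The check above, written as a repeatable audit. This is an added example, not part of the benchmark text. The function names are hypothetical, and the Debian-family client package names (tftp, tftp-hpa, atftp) are an assumption about the target systems. It handles a case that a plain `dpkg -l | grep tftp` misreports: server packages such as tftpd-hpa and entries in state "rc" (removed, configuration files remaining) also match the grep.

```shell
#!/bin/sh
# Added example, not part of the benchmark text.
# Assumption: these Debian-family package names ship a TFTP client.
DEB_CLIENT_PKGS="tftp tftp-hpa atftp"

# Reads `dpkg -l` output on stdin and prints TFTP client packages that are
# fully installed (state "ii"). Entries in state "rc" (removed, config files
# left behind) and server packages such as tftpd-hpa are not reported.
installed_clients_from_dpkg() {
    awk -v pkgs="$DEB_CLIENT_PKGS" '
        BEGIN { n = split(pkgs, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        $1 == "ii" {
            name = $2
            sub(/:.*/, "", name)      # drop a multiarch suffix like ":amd64"
            if (name in want) print name
        }'
}

# Audits the local system. Exit status: 0 = pass, 1 = client found,
# 2 = neither dpkg nor rpm available.
audit_tftp_client() {
    found=""
    if command -v dpkg >/dev/null 2>&1; then
        found=$(dpkg -l 2>/dev/null | installed_clients_from_dpkg)
    elif command -v rpm >/dev/null 2>&1; then
        # Same query as the Test Plan; rpm -q exits non-zero when absent.
        if rpm -q tftp >/dev/null 2>&1; then found="tftp"; fi
    else
        echo "UNKNOWN: neither dpkg nor rpm found"
        return 2
    fi
    if [ -n "$found" ]; then
        echo "FAIL: TFTP client installed:" $found
        return 1
    fi
    echo "PASS: no TFTP client package installed"
}
```

Source the file and call `audit_tftp_client`; the same call serves as the verification step after removal.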
Implementation Plan:
Using Linux command line:
1. Remove TFTP client package if installed:
RPM-based:
yum remove tftp -y
Debian-based:
apt remove tftp -y
2. Verify removal:
RPM-based:
rpm -q tftp
Debian-based:
dpkg -l | grep tftp
Backout Plan:
Using Linux command line:
1. Reinstall TFTP client if needed:
RPM-based:
yum install tftp -y
Debian-based:
apt install tftp -y
2. Confirm successful installation.
References:
CIS Amazon Linux 2 Benchmark v3.0.0