STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-4695

CAT I (High)

Any active TFTP daemon must be authorized and approved in the system accreditation package.

Rule ID

SV-45909r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

TFTP is a file transfer protocol often used by embedded systems to obtain configuration data or software. The service is unencrypted and does not require authentication of requests. Data available using this service may be subject to unauthorized access or interception.

Check Content

Determine if the TFTP daemon is active.
# chkconfig --list | grep tftp

Or
# chkconfig tftp

If TFTP is found enabled and not documented using site-defined procedures, it is a finding.

Fix Text

Document or Disable the TFTP daemon.

If the TFTP daemon is necessary on the system, document and justify its usage for approval from the IAO.

If the TFTP daemon is not necessary on the system, turn it off.

# chkconfig tftp off
# service xinetd restart