Details

Set ftp upload and download file permission control to facilitate the separate control of different users and different permissions, and strengthen the security of ROSNG series products.

Noted: Either SSH server or sftp top-directory has not been configured.

Solution

Close the ftp access channel, for example:

ZXR10 (config)# no ftp-server enable
ZXR10 (config-system-user-author-temp)# login-type-allowed ssh.

Supportive Information

The following resource is also helpful.

• https://support.zte.com.cn/support/doccenter/DocumentProductHandBookDetail.aspx?sid=102&id=30768582&type=docfeedbackhttps://support.zte.com.cn/support/doccenter/DocumentProductHandBookDetail.aspx?sid=102&id=30768582&type=docfeedback

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system ZTE_ROSNG.

References

• 800-53|CM-7a.

Source

• Tenable.com/audits