Installation guide

ManualsBrandsProtogate ManualsComputer equipmentFreeway 3600

Protogate Freeway Requirements Speciﬁcation (SRS) Chapter 4. Qualiﬁcation Provisions

Section Requirement

Name

Qualiﬁcation

Method

Notes

Section 3.8.23 GEN004400 -

File Executed

Through Aliases

Accessibility

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command find / -name aliases -depth

-print, to ﬁnd any "aliases" ﬁle. That ﬁle should not exist

anywhere on a Freeway, because Freeways do not support email of

any kind.

Section 3.8.24 GEN004580 -

.forward Files

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command find / -name .forward -depth

-print, to ﬁnd any ".forward" ﬁles. That ﬁle should not exist

anywhere on a Freeway, because Freeways do not support email of

any kind.

Section 3.8.25 GEN004600 -

Sendmail

Version

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command ls -l /var/mail /etc/mail, to

verify that those directories do not exist, and that sendmail cannot

run on the Freeway. Freeways do not support email of any kind.

Section 3.8.26 GEN004620 -

Sendmail

DEBUG

Command

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command telnet localhost 25, to verify that

the result is "Connection refused", because sendmail is not running

on the Freeway. Freeways do not support email of any kind.

Section 3.8.27 GEN004640 -

Sendmail

DECODE

Command

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command telnet localhost 25, to verify that

the result is "Connection refused", because sendmail is not running

on the Freeway. Freeways do not support email of any kind.

Section 3.8.28 GEN005000 -

Anonymous

FTP Account

Shell

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command grep "^ftp" /etc/passwd, to

verify that there is no active ftp line in /etc/passwd, which

means that anonymous FTP is not allowed.

Section 3.8.29 GEN005020 -

Anonymous

FTP Account

Shell

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command grep "^ftp" /etc/passwd, to

verify that there is no active ftp line in /etc/passwd, which

means that anonymous FTP is not allowed.

Section 3.8.30 GEN005080 -

TFTP Secure

Mode

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command grep "tftp" /etc/inetd.conf, to

verify that tftp is not conﬁgured or enabled.

Section 3.8.31 GEN005100 -

TFTP

SUID/SGID Bit

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command find / -name "

tftpd" -print

; ls -la /usr/libexec/tftpd, to verify that neither the

SUID nor SGID bits are set on the tftp ﬁle (you should see

permission bits similar to "-r-xr-xr-x", with no ’s’ characters).

Section 3.8.32 GEN005140 -

TFTP

Documentation

Check Login to the Freeway, su - shell to become a root-level user,

then execute the command grep -v "^#" /etc/inetd.conf

|grep tftp, to verify that tftp is not conﬁgured or enabled.

Protogate DC-900-2021A 29