STIG ID: ALMA-09-029170 | SRG: SRG-OS-000095-GPOS-00049 | Severity: medium | CCI: | Vulnerability Id: V-269338
If TFTP is required for operational support (such as transmission of router configurations), its use must be documented with the information systems security manager (ISSM), restricted to only authorized personnel, and have access control rules established.
Remove the tftp package with the following command:
$ dnf remove tftp
Verify that the tftp package is not installed with the following command:
$ dnf list --installed tftp
If the "tftp" package is installed, this is a finding.