Puppet Class: cis_security_hardening::rules::tftp_server

Defined in:
manifests/rules/tftp_server.pp

Summary

Ensure TFTP Server is not installed

Overview

Trivial File Transfer Protocol (TFTP) is a simple protocol for exchanging files between two TCP/IP machines. TFTP servers allow connections from a TFTP Client for sending and receiving files.

Rationale: TFTP does not have built-in encryption, access control or authentication. This makes it very easy for an attacker to exploit TFTP to gain access to files.

Examples:

class { 'cis_security_hardening::rules::tftp_server':
  enforce => true,
}

Parameters:

  • enforce (Boolean) (defaults to: false)

    Enforce the rule.



20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'manifests/rules/tftp_server.pp', line 20

class cis_security_hardening::rules::tftp_server (
  Boolean $enforce = false,
) {
  if $enforce {
    $ensure = $facts['os']['family'].downcase() ? {
      'suse'  => 'absent',
      default => 'purged',
    }

    ensure_packages(['tftp-server'], {
        ensure => $ensure,
    })
  }
}