Check: GEN009180
AIX 5.3 STIG:
GEN009180
(in version v1 r3)
Title
The system must not have the tool-talk database server (ttdbserver) service active. (Cat II impact)
Discussion
The ttdbserver service for CDE is an unnecessary service that runs as root and might be compromised.
Check Content
Check the /etc/inetd.conf file for active ttdbserver service. # grep 'rpc\.ttdbserver' /etc/inetd.conf |grep -v \# If the ttdbserver service is enabled, this is a finding.
Fix Text
Edit /etc/inetd.conf and comment out ttdbserver service line. Restart the inetd service. # refresh -s inetd
Additional Identifiers
Rule ID: SV-38706r1_rule
Vulnerability ID: V-29502
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |