Check: GEN009280
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009280
(in versions v1 r14 through v1 r10)
Title
The system must not have the PCNFS service active. (Cat II impact)
Discussion
The PCNFS service predates Microsoft’s SMB specifications. If a similar service is needed to share files from a Windows based OS to a UNIX based OS, consider SAMBA.
Check Content
Check the /etc/inetd.conf file for active PCNFS service. #grep pcnfsd /etc/inetd.conf | grep -v \# If the PCNFS service is enabled, this is a finding.
Fix Text
Edit /etc/inetd.conf and comment out the PCNFS service line. Restart the inetd service. # refresh -s inetd
Additional Identifiers
Rule ID: SV-38716r1_rule
Vulnerability ID: V-29512
Group Title: GEN009280
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |