Check: GEN009300
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009300
(in versions v1 r14 through v1 r10)
Title
The inetd time service must not be active on the system on the inetd daemon. (Cat II impact)
Discussion
The time service is an internal inetd function is used by the rdate command. This service is sometimes used to synchronize clocks at boot time. The service is outdated. Use the ntpdate command instead.
Check Content
Check the /etc/inetd.conf file for TCP and UDP time service. grep time /etc/inetd.conf | grep -v daytime | grep -v \# If the time service is enabled, this is a finding.
Fix Text
Edit the /etc/inetd.conf file and comment out the time service line. Restart the inetd service. # refresh -s inetd
Additional Identifiers
Rule ID: SV-38718r1_rule
Vulnerability ID: V-29514
Group Title: GEN009300
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |