Check: GEN003700
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN003700
(in versions v1 r14 through v1 r10)
Title
Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled. (Cat II impact)
Discussion
Unnecessary services should be disabled to decrease the attack surface of the system.
Check Content
First, determine if inetd/xinetd is running. # ps -ef |grep inetd If inetd is not running, this is not a finding. # grep -v "^#" /etc/inetd.conf If no active services are found, yet the inetd daemon is running, this is a finding.
Fix Text
Remove or disable the inetd startup scripts and kill the service.
Additional Identifiers
Rule ID: SV-12506r2_rule
Vulnerability ID: V-12005
Group Title: GEN003700
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000305 |
The organization develops a list of software programs not authorized to execute on the information system. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |