Check: GEN009240
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009240
(in versions v1 r14 through v1 r10)
Title
The system must not have Internet Message Access Protocol (IMAP) service active. (Cat II impact)
Discussion
The IMAP service should not be running unless the system is acting as a mail server for client connections. Running unnecessary services increases the attack surface of the system.
Check Content
Check the /etc/inetd.conf file for active IMAP service.

# grep imapd /etc/inetd.conf | grep -v \#

If the IMAP service is enabled, this is a finding.
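
A stricter form of the check above, as an added example that is not part of the STIG text: it matches the `imap2` service name from the Fix Text as well as the `imapd` program, and reports an entry that carries a trailing `#`, which `grep -v \#` would drop. It assumes inetd treats only lines whose first non-blank character is `#` as comments; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: list active (uncommented) IMAP entries in an inetd.conf-style file.
# Usage: active_imap_entries [file]   (defaults to /etc/inetd.conf)
active_imap_entries() {
    awk '
        /^[ \t]*#/ { next }            # whole line is commented out
        NF == 0    { next }            # blank line
        {
            # Field 1 is the service name, field 6 the server program path.
            n = split($6, parts, "/")
            if ($1 == "imap2" || parts[n] == "imapd")
                print FILENAME ":" FNR ": " $0
        }
    ' "${1:-/etc/inetd.conf}"
}

# Exit status: 0 = no active IMAP entry, 1 = finding, 2 = file could not be read.
check_gen009240() {
    found=$(active_imap_entries "$1") || return 2
    if [ -n "$found" ]; then
        printf 'FINDING: active IMAP entry\n%s\n' "$found"
        return 1
    fi
    printf 'OK: no active IMAP entry in %s\n' "${1:-/etc/inetd.conf}"
    return 0
}

# Constructed sample (not taken from a real host). Line 4 is active but
# contains a "#", so the grep pipeline in the Check Content would miss it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd   ftpd
#imap2  stream  tcp     nowait  root    /usr/sbin/imapd  imapd
  # pop3 stream tcp     nowait  root    /usr/sbin/pop3d  pop3d
imap2   stream  tcp     nowait  root    /usr/sbin/imapd  imapd   # mail team
EOF
check_gen009240 "$sample" || echo "exit status: $?"
rm -f "$sample"
```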
Fix Text
Edit /etc/inetd.conf and comment out the imap2 service line. Restart the inetd service.

# refresh -s inetd
Additional Identifiers
Rule ID: SV-38712r1_rule
Vulnerability ID: V-29508
Group Title: GEN009240
CCIs
Number | Definition |
---|---|
CCI-001436 | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |