Navigate

Check: GEN006240

AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE: GEN006240 (in versions v1 r14 through v1 r10)

Title

The system must not run an Internet Network News (INN) server. (Cat II impact)

Discussion

Internet Network News (INN) servers access Usenet newsfeeds and store newsgroup articles. INN servers use the Network News Transfer Protocol (NNTP) to transfer information from the Usenet to the server and from the server to authorized remote hosts. If this function is necessary to support a valid mission requirement, its use must be authorized and approved in the system accreditation package.

Check Content

# ps -ef | egrep "innd|nntpd" If an INN server is running, this is a finding.

Fix Text

Disable the INN server.

Additional Identifiers

Rule ID: SV-1023r2_rule

Vulnerability ID: V-1023

Group Title: GEN006240

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality