Check: GEN009320
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009320
(in versions v1 r14 through v1 r10)
Title
The system must not have the sprayd service active. (Cat II impact)
Discussion
The sprayd service is sometimes used for network and nfs troubleshooting. The spray service can be used for both buffer overflow and Denial of Service attacks by saturating the network. The sprayd daemon is an unnecessary service.
Check Content
Check the /etc/inetd.conf file for active sprayd service. # grep sprayd /etc/inetd.conf | grep -v \# If the sprayd service is enabled, this is a finding.
Fix Text
Edit the /etc/inetd.conf file and comment out the sprayd service line. Restart the inetd service. # refresh -s inetd
Additional Identifiers
Rule ID: SV-38720r1_rule
Vulnerability ID: V-29516
Group Title: GEN009320
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |