Check: GEN009250
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009250
(in versions v1 r14 through v1 r10)
Title
The system must not have the Post Office Protocol (POP3) service active. (Cat II impact)
Discussion
The POP3 service is only needed if the server is acting as a mail server and clients are using applications that only support POP3. User IDs and passwords are sent in plain text to the POP3 service. If mail client access is needed, consider using IMAP or SSL-enabled POP3.
Check Content
Check the '/etc/inetd.conf' file for active POP3 service.
# grep pop3 /etc/inetd.conf | grep -v \#
If the POP3 service is enabled, this is a finding.
Fix Text
Edit /etc/inetd.conf and comment out the POP3 service line. Restart the inetd service.
# refresh -s inetd
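The check above drops every line that contains a '#' anywhere, so an active pop3 entry with a '#' later on the line is not reported. The following script is an added example, not part of the STIG text: it reproduces the page's check beside a field-based one that treats only a service-name field of exactly pop3 as a finding (an assumption). The function names and the sample file are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file for an active POP3 entry.

# Constructed sample, not taken from a real host.
write_sample() {
    cat > "$1" <<'EOF'
#pop3   stream tcp nowait root /usr/sbin/pop3d pop3d
  # pop3 disabled per GEN009250
pop3    stream tcp nowait root /usr/sbin/pop3d pop3d   # re-enabled for testing
imap2   stream tcp nowait root /usr/sbin/imapd imapd
EOF
}

# The page's check: any line mentioning pop3 that contains no '#' at all.
page_check() {
    grep pop3 "$1" | grep -v '#'
}

# Field-based check: lines whose service name (field 1) is exactly "pop3".
# Commented-out lines have "#" or "#pop3" as field 1 and never match.
pop3_active_lines() {
    awk '$1 == "pop3"' "$1"
}

# Return status: 0 = not a finding, 1 = finding, 2 = file unreadable.
check_gen009250() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    hits=$(pop3_active_lines "$1")
    if [ -n "$hits" ]; then
        printf 'FINDING: active POP3 entry in %s:\n%s\n' "$1" "$hits"
        return 1
    fi
    echo "Not a finding: no active POP3 entry in $1"
    return 0
}

# With no argument, audit the constructed sample; otherwise audit the given file.
if [ "$#" -eq 0 ]; then
    tmp="${TMPDIR:-/tmp}/inetd.sample.$$"
    write_sample "$tmp"
    check_gen009250 "$tmp" || true
    rm -f "$tmp"
else
    check_gen009250 "$1"
fi
```

Run it with /etc/inetd.conf as the argument to audit a host; the exit status can feed a compliance job.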
Additional Identifiers
Rule ID: SV-38713r1_rule
Vulnerability ID: V-29509
Group Title: GEN009250
CCIs
Number | Definition |
---|---|
CCI-001436 | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |