Check: GEN003810
HP-UX 11.31 STIG: GEN003810 (in versions v1 r19 through v1 r13)
Title
The portmap or rpcbind service must not be running unless needed. (Cat II impact)
Discussion
The portmap and rpcbind services increase the attack surface of the system and should only be used when needed. The portmap or rpcbind services are used by a variety of services using Remote Procedure Calls (RPCs).
Check Content
Check if the rpcbind process is running.
# ps -ef | grep -v grep | grep rpcbind
If the system needs the portmap service to operate, this is not applicable. If a process is listed and not required, this is a finding.
Fix Text
Stop and disable the rpcbind service, then verify it has not been restarted.
# kill rpcbind
# chmod 0000 /usr/sbin/rpcbind
# ps -ef | grep -v grep | grep rpcbind
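The check and the post-fix verification above can be scripted so that only a process whose executable is rpcbind or portmap counts, not any line that happens to contain the string. This is an added example, not part of the STIG text: the function names, the sample ps listing and the assumed `ps -ef` column layout are constructed for illustration.

```shell
#!/bin/sh
# Added example, not STIG text. The ps listing below is constructed sample data.
SAMPLE_PS='     UID   PID  PPID  C    STIME TTY       TIME COMMAND
    root     1     0  0  Mar  3  ?         0:05 init
    root  1234     1  0  Mar  3  ?         0:00 /usr/sbin/rpcbind
   admin  2301  2200  0 10:02:11 pts/0     0:00 vi /tmp/rpcbind-notes.txt
   admin  2305  2200  0 10:02:40 pts/0     0:00 grep rpcbind'

# Read ps -ef output on stdin; print "PID COMMAND" for each process whose
# executable basename is rpcbind or portmap.
rpc_mapper_pids() {
    awk '
        $2 !~ /^[0-9]+$/ { next }      # header or malformed line
        {
            # Assumed layout: UID PID PPID C STIME TTY TIME COMMAND, where
            # STIME is one field (10:02:11) or two (Mar 3).
            c = ($5 ~ /^[A-Z][a-z][a-z]$/) ? 9 : 8
            cmd = $c
            sub(/^.*\//, "", cmd)      # strip the directory part
            if (cmd == "rpcbind" || cmd == "portmap") print $2, $c
        }'
}

# check_gen003810 REQUIRED: pass "yes" when the site needs the service.
# Reads ps -ef output on stdin and prints the check result.
check_gen003810() {
    if [ "$1" = "yes" ]; then echo "NOT_APPLICABLE"; return 0; fi
    if [ -n "$(rpc_mapper_pids)" ]; then
        echo "FINDING"
    else
        echo "NOT_A_FINDING"
    fi
}

# binary_disabled PATH: succeed when PATH is absent or carries no execute,
# setuid/setgid or sticky bit, which is the state chmod 0000 leaves behind.
binary_disabled() {
    mode=$(ls -ld "$1" 2>/dev/null | awk '{ print $1 }')
    mode=${mode#?}                     # drop the file-type character
    case $mode in
        *[xst]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Demo on the constructed listing; on a live system pipe `ps -ef` in instead.
printf '%s\n' "$SAMPLE_PS" | check_gen003810 no
```

On the sample listing only PID 1234 is reported; the `vi` and `grep` lines, which a substring match would also catch, are ignored.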
Additional Identifiers
Rule ID: SV-26665r1_rule
Vulnerability ID: V-22429
Group Title: GEN003810
CCIs
Number | Definition |
---|---|
CCI-001336 | The organization retains individual training records for an organization-defined time period. |
Controls
Number | Title |
---|---|
AT-4 | Security Training Records |