An error occurred:

Check: GEN003810

HP-UX 11.31 STIG: GEN003810 (in versions v1 r19 through v1 r13)

Title

The portmap or rpcbind service must not be running unless needed. (Cat II impact)

Discussion

The portmap and rpcbind services increase the attack surface of the system and should only be used when needed. The portmap or rpcbind services are used by a variety of services using Remote Procedure Calls (RPCs).

Check Content

Check if the rpcbind process is running. # ps -ef | grep -v grep | grep rpcbind If the system needs the portmap service to operate, this is not applicable. If a process is listed and not required, this is a finding.

Fix Text

Stop and disable the rpcbind service, then verify it has not been restarted. # kill rpcbind # chmod 0000 /usr/sbin/rpcbind # ps -ef | grep -v grep | grep rpcbind

Additional Identifiers

Rule ID: SV-26665r1_rule

Vulnerability ID: V-22429

Group Title: GEN003810

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001336

The organization retains individual training records for an organization-defined time period.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AT-4

Security Training Records