Title

The echo daemon must be disabled on AIX. (Cat II impact)

Discussion

The echo service can be used in Denial of Service or SMURF attacks. It can also be used by someone else to get through a firewall or start a data storm. The echo service is unnecessary and it increases the attack vector of the system.

Check Content

Check the /etc/inetd.conf for TCP and UDP echo service entries using command: # grep echo /etc/inetd.conf | grep -v \# If there is any output from the command, this is a finding.

Fix Text

In "/etc/inetd.conf", comment out the "echo" entries by running commands: # chsubserver -r inetd -C /etc/inetd.conf -d -v 'echo' -p 'tcp' # chsubserver -r inetd -C /etc/inetd.conf -d -v 'echo' -p 'udp' Restart inetd: # refresh -s inetd

Additional Identifiers

Rule ID: SV-215391r508663_rule

Vulnerability ID: V-215391

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.