Check: AIX7-00-003056
IBM AIX 7.x STIG:
AIX7-00-003056
(in versions v3 r1 through v1 r1)
Title
If rwhod is not required on AIX, the rwhod daemon must be disabled. (Cat II impact)
Discussion
This is the remote WHO service. To prevent remote attacks this daemon should not be enabled unless there is no alternative.
Check Content
From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/rwhod" /etc/rc.tcpip If there is any output from the command, this is a finding.
Fix Text
In "/etc/rc.tcpip", comment out the "rwhod" entry by running command: # chrctcp -d rwhod
Additional Identifiers
Rule ID: SV-215362r958478_rule
Vulnerability ID: V-215362
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |