Check: AIX7-00-003056
IBM AIX 7.x STIG:
AIX7-00-003056
(in versions v2 r9 through v1 r1)
Title
If rwhod is not required on AIX, the rwhod daemon must be disabled. (Cat II impact)
Discussion
This is the remote WHO service. To prevent remote attacks this daemon should not be enabled unless there is no alternative.
Check Content
From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/rwhod" /etc/rc.tcpip If there is any output from the command, this is a finding.
Fix Text
In "/etc/rc.tcpip", comment out the "rwhod" entry by running command: # chrctcp -d rwhod
Additional Identifiers
Rule ID: SV-215362r508663_rule
Vulnerability ID: V-215362
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |