Check: AIX7-00-003063
IBM AIX 7.x STIG:
AIX7-00-003063
(in versions v3 r1 through v1 r1)
Title
The ndpd-router must be disabled on AIX. (Cat II impact)
Discussion
This manages the Neighbor Discovery Protocol (NDP) for non-kernel activities, required in IPv6. The ndpd-router manages NDP for non-kernel activities. Unless the server utilizes IPv6, this is not required and should be disabled to prevent attacks.
Check Content
From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/ndpd-router" /etc/rc.tcpip If there is any output from the command, this is a finding.
Fix Text
In "/etc/rc.tcpip", comment out the "ndpd-router" entry by running command: # chrctcp -d ndpd-router
Additional Identifiers
Rule ID: SV-215368r958478_rule
Vulnerability ID: V-215368
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |