Check: AIX7-00-003043
IBM AIX 7.x STIG:
AIX7-00-003043
(in versions v3 r1 through v1 r1)
Title
If AIX system does not act as a remote print server for other servers, the lpd daemon must be disabled. (Cat II impact)
Discussion
The lpd daemon accepts remote print jobs from other systems. To prevent remote attacks this daemon should not be enabled unless there is no alternative.
Check Content
From the command prompt, execute the following command: # lsitab lpd If the command yields any output, this is a finding.
Fix Text
In "/etc/inittab", remove the "lpd" entry by running the following command: # rmitab lpd To request the init command to re-examine the "/etc/inittab" file, enter: # telinit q
Additional Identifiers
Rule ID: SV-215349r958478_rule
Vulnerability ID: V-215349
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |