Check: GEN003700
Solaris 10 SPARC STIG:
GEN003700
(in versions v2 r4 through v1 r19)
Title
Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled. (Cat II impact)
Discussion
Unnecessary services should be disabled to decrease the attack surface of the system.
Check Content
Determine if inetd is running, # svcs -a | grep inetd If inetd is not running, this check is not a finding. # inetadm | grep -v disabled If no enabled/online services are found, yet the inetd daemon is running, this is a finding.
Fix Text
Disable the inetd service. Procedure: # svcadm disable inetd
Additional Identifiers
Rule ID: SV-226906r603265_rule
Vulnerability ID: V-226906
Group Title: SRG-OS-000095
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |