Navigate

Check: GEN006240

Solaris 10 SPARC STIG: GEN006240 (in versions v2 r4 through v1 r19)

Title

The system must not run an Internet Network News (INN) server. (Cat II impact)

Discussion

Internet Network News (INN) servers access Usenet newsfeeds and store newsgroup articles. INN servers use the Network News Transfer Protocol (NNTP) to transfer information from the Usenet to the server and from the server to authorized remote hosts. If this function is necessary to support a valid mission requirement, its use must be authorized and approved in the system accreditation package.

Check Content

# ps -ef | egrep "innd|nntpd" If an INN server is running, this is a finding.

Fix Text

Disable the INN server.

Additional Identifiers

Rule ID: SV-227030r603265_rule

Vulnerability ID: V-227030

Group Title: SRG-OS-000095

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality