Navigate

Check: GEN006240

SUSE Linux Enterprise Server v11 for System z STIG: GEN006240 (in versions v1 r12 through v1 r9)

Title

The system must not run an Internet Network News (INN) server. (Cat II impact)

Discussion

INN servers access Usenet newsfeeds and store newsgroup articles. INN servers use the Network News Transfer Protocol (NNTP) to transfer information from the Usenet to the server and from the server to authorized remote hosts. If this function is necessary to support a valid mission requirement, its use must be authorized and approved in the system accreditation package.

Check Content

# ps -ef | egrep "innd|nntpd" If an Internet Network News server is running, this is a finding.

Fix Text

Disable the INN server.

Additional Identifiers

Rule ID: SV-46142r1_rule

Vulnerability ID: V-1023

Group Title: GEN006240

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality