Check: GEN003700
SUSE Linux Enterprise Server v11 for System z STIG:
GEN003700
(in versions v1 r12 through v1 r9)
Title
Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled. (Cat II impact)
Discussion
Unnecessary services should be disabled to decrease the attack surface of the system.
Check Content
# ps -ef |grep xinetd If xinetd is not running, this check is not a finding. # grep -v "^#" /etc/xinetd.conf # grep disable /etc/xinetd.d/* |grep no If no active services are found, and the inetd daemon is running, this is a finding.
Fix Text
# rcxinetd stop; insserv -r xinetd OR # service xinetd stop ; chkconfig xinetd off
Additional Identifiers
Rule ID: SV-45756r1_rule
Vulnerability ID: V-12005
Group Title: GEN003700
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000305 |
The organization develops a list of software programs not authorized to execute on the information system. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |