The system must not have the sprayd service active.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29516 | GEN009320 | SV-38720r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The sprayd service is sometimes used for network and nfs troubleshooting. The spray service can be used for both buffer overflow and Denial of Service attacks by saturating the network. The sprayd daemon is an unnecessary service. |
| STIG | Date |
|---|---|
| AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2014-10-03 |
Details
| Check Text ( C-37816r1_chk ) |
|---|
| Check the /etc/inetd.conf file for active sprayd service. # grep sprayd /etc/inetd.conf | grep -v \# If the sprayd service is enabled, this is a finding. |
| Fix Text (F-33074r1_fix) |
|---|
| Edit the /etc/inetd.conf file and comment out the sprayd service line. Restart the inetd service. # refresh -s inetd |