Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must not have the echo service active.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29507 | GEN009230 | SV-38711r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The echo service can be used in Denial of Service or SMURF attacks. It can also used at someone else to get through a firewall or start a data storm. The echo service is unnecessary and it increases the attack vector of the system. |
| STIG | Date |
|---|---|
| AIX 6.1 Security Technical Implementation Guide | 2013-03-27 |
Details
| Check Text ( C-37807r1_chk ) |
|---|
| Check the /etc/inetd.conf for TCP and UDP echo service entries. #grep echo /etc/inetd.conf | grep -v \# If the echo service is enabled, this is a finding. |
| Fix Text (F-33065r1_fix) |
|---|
| Edit /etc/inetd.conf and comment out the echo service lines for both TCP and UDP. Restart the inetd service. # refresh -s inetd |