Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must not have the PostOffice Protocol (POP3) service active.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29509 | GEN009250 | SV-38713r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The POP3 service is only needed if the server is acting as a mail server and clients are using applications that only support POP3. Users' ids and passwords are sent in plain text to the POP3 service. If mail client access is needed, consider using IMAP or SSL enabled POP3. |
| STIG | Date |
|---|---|
| AIX 6.1 Security Technical Implementation Guide | 2014-09-29 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-33067r1_fix) |
|---|
| Edit /etc/inetd.conf and comment out POP3 the service line. Restart the inetd service. # refresh -s inetd |