The system must not have the daytime service active.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29504 | GEN009200 | SV-38708r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The daytime service runs as root from the inetd daemon and can provide an opportunity for Denial of Service PING or PING-PONG attacks. The daytime service is unnecessary and it increases the attack vector of the system. |
| STIG | Date |
|---|---|
| Draft AIX Security Technical Implementation Guide | 2011-08-17 |
Details
| Check Text ( C-37804r1_chk ) |
|---|
| Check the /etc/inetd.conf file for TCP and UDP daytime service. #grep daytime /etc/inetd.conf | grep -v \# If the daytime service is enabled, this is a finding. |
| Fix Text (F-33062r1_fix) |
|---|
| Edit /etc/inetd.conf and comment out daytime service lines for both TCP and UDP protocols. Restart the inetd service. #refresh –s inetd |