Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-29504 | GEN009200 | SV-38708r1_rule | ECSC-1 | Medium |
Description |
---|
The daytime service runs as root from the inetd daemon and can provide an opportunity for Denial of Service PING or PING-PONG attacks. The daytime service is unnecessary and it increases the attack vector of the system. |
STIG | Date |
---|---|
Draft AIX Security Technical Implementation Guide | 2011-08-17 |
Check Text ( C-37804r1_chk ) |
---|
Check the /etc/inetd.conf file for TCP and UDP daytime service. #grep daytime /etc/inetd.conf | grep -v \# If the daytime service is enabled, this is a finding. |
Fix Text (F-33062r1_fix) |
---|
Edit /etc/inetd.conf and comment out daytime service lines for both TCP and UDP protocols. Restart the inetd service. #refresh –s inetd |