Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The portmap or rpcbind service must not be running unless needed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22429 | GEN003810 | SV-26665r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The portmap and rpcbind services increase the attack surface of the system and should only be used when needed. The portmap or rpcbind services are used by a variety of services using Remote Procedure Calls (RPCs). |
| STIG | Date |
|---|---|
| HP-UX 11.23 Security Technical Implementation Guide | 2012-05-25 |
Details
| Check Text ( C-36534r2_chk ) |
|---|
| Check if the rpcbind process is running. # ps -ef | grep -v grep | grep rpcbind If the system needs the portmap service to operate, this is not applicable. If a process is listed and not required, this is a finding. |
| Fix Text (F-31898r1_fix) |
|---|
| Stop and disable the rpcbind service, then verify it has not been restarted. # kill rpcbind # chmod 0000 /usr/sbin/rpcbind # ps -ef | grep -v grep | grep rpcbind |