UCF STIG Viewer Logo

The inetd.conf and xinetd.conf files must have mode 0440 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-822 GEN003740 SV-35072r1_rule ECLP-1 Medium
Description
The Internet service daemon configuration files must be protected as malicious modification could cause Denial of Service or increase the attack surface of the system.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-34936r1_chk )
Check the mode of the (x)inetd.conf file and any files identified by the configuration file includedir stanza:

# find / -type f -name inetd.conf -o -name xinetd.conf | xargs -n1 ls -lL
# grep includedir /xinetd.conf
# ls -lL

If any of the above file mode are more permissive than 0440, this is a finding.
Fix Text (F-30242r1_fix)
Change the mode of the (x)inetd.conf file.
# chmod 0440