Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-12005 | GEN003700 | SV-35064r1_rule | ECSC-1 | Medium |
Description |
---|
Unnecessary services should be disabled to decrease the attack surface of the system. |
STIG | Date |
---|---|
HP-UX 11.31 Security Technical Implementation Guide | 2015-03-18 |
Check Text ( C-36522r1_chk ) |
---|
First determine if (x)inetd is running: # ps -ef | grep -v "grep" | egrep -i "inetd|xinetd" Then, determine the contents of the configuration file: # find / -type f -name xinetd.conf -o -name inetd.conf | xargs -n1 cat | \ tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" If inetd is running and no active services are found (i.e., the configuration file does not exist, is empty or is completely commented out), this is a finding. If inetd is not running and the configuration file does not exist, is empty or is completely commented out, this is not a finding. If inetd is running and active services are found via the ps command and are also in the inetd.conf file, this is not a finding. |
Fix Text (F-31882r1_fix) |
---|
Remove or disable the inetd startup scripts and kill the service. |