UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-12005 GEN003700 SV-35064r1_rule ECSC-1 Medium
Description
Unnecessary services should be disabled to decrease the attack surface of the system.
STIG Date
HP-UX 11.31 Security Technical Implementation Guide 2015-03-18

Details

Check Text ( C-36522r1_chk )
First determine if (x)inetd is running:
# ps -ef | grep -v "grep" | egrep -i "inetd|xinetd"

Then, determine the contents of the configuration file:
# find / -type f -name xinetd.conf -o -name inetd.conf | xargs -n1 cat | \
tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#"

If inetd is running and no active services are found (i.e., the configuration file does not exist, is empty or is completely commented out), this is a finding.

If inetd is not running and the configuration file does not exist, is empty or is completely commented out, this is not a finding.

If inetd is running and active services are found via the ps command and are also in the inetd.conf file, this is not a finding.
Fix Text (F-31882r1_fix)
Remove or disable the inetd startup scripts and kill the service.