The pcnfsd daemon must be disabled on AIX.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-215379	AIX7-00-003074	SV-215379r508663_rule		Medium

Description
The pcnfsd service is an authentication and printing program, which uses NFS to provide file transfer services. This service is vulnerable and exploitable and permits the machine to be compromised both locally and remotely. If PC NFS clients are required within the environment, Samba is recommended as an alternative software solution. The pcnfsd daemon predates Microsoft's release of SMB specifications. This service should therefore be disabled to prevent attacks.

Description

The pcnfsd service is an authentication and printing program, which uses NFS to provide file transfer services. This service is vulnerable and exploitable and permits the machine to be compromised both locally and remotely. If PC NFS clients are required within the environment, Samba is recommended as an alternative software solution. The pcnfsd daemon predates Microsoft's release of SMB specifications. This service should therefore be disabled to prevent attacks.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2021-03-10

Details

Check Text ( C-16577r294588_chk )
From the command prompt, execute the following command: # grep "^pcnfsd[[:blank:]]" /etc/inetd.conf If there is any output from the command, this is a finding.

Fix Text (F-16575r294589_fix)
In "/etc/inetd.conf", comment out the "pcnfsd" entry by running command: # chsubserver -r inetd -C /etc/inetd.conf -d -v 'pcnfsd' -p 'udp' Restart inetd: # refresh -s inetd