Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-216059 | SOL-11.1-020170 | SV-216059r505929_rule | Medium |
Description |
---|
The portmap and rpcbind services increase the attack surface of the system and should only be used when needed. The portmap or rpcbind services are used by a variety of services using remote procedure calls (RPCs). The organization may define and document the limited use of services (for example NFS) that may use these services with approval from their Authorizing Official. |
STIG | Date |
---|---|
Solaris 11 X86 Security Technical Implementation Guide | 2020-09-03 |
Check Text ( C-17297r372559_chk ) |
---|
Check the status of the rpcbind service local_only property. # svcprop -p config/local_only network/rpc/bind If the state is not "true", this is a finding, unless it is required for system operations, then this is not a finding. |
Fix Text (F-17295r372560_fix) |
---|
The Service Management profile is required. If services such as portmap or rpcbind are required for system operations, the operator must document the services used and obtain approval from their Authorizing Official. They should also document the method(s) of blocking all other remote accesses through tools like a firewall or tcp_wrappers. Otherwise, configure the rpc/bind service for local only access. # svccfg -s network/rpc/bind setprop config/local_only=true |