STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Apr 2019: AIX ftpd daemon must not be running.

DISA Rule

SV-101405r1_rule

Vulnerability Number

V-91307

Group Title

SRG-OS-000074-GPOS-00042

Rule Version

AIX7-00-002060

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Disable "ftp" daemon entry in "/etc/inetd.conf" using command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'ftp' -p 'tcp6'

Reload the inetd process:
# refresh -s inetd

Check Contents

Determine if the "ftp" daemon is running by running the following command:
# grep "^ftp[[:blank:]]" /etc/inetd.conf

If an entry is returned like the following line, the "ftp" daemon is running:
ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd

If the above grep command returned a line that contains "ftpd", this is a finding.

Vulnerability Number

V-91307

Documentable

False

Rule Version

AIX7-00-002060

Severity Override Guidance

Determine if the "ftp" daemon is running by running the following command:
# grep "^ftp[[:blank:]]" /etc/inetd.conf

If an entry is returned like the following line, the "ftp" daemon is running:
ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd

If the above grep command returned a line that contains "ftpd", this is a finding.

Check Content Reference

M

Target Key

3491

Comments