STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The discard daemon must be disabled on AIX.

DISA Rule

SV-215377r508663_rule

Vulnerability Number

V-215377

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

AIX7-00-003072

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

In "/etc/inetd.conf", comment out the "discard" entries by running commands:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'discard' -p 'tcp'
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'discard' -p 'udp'

Restart inetd:
# refresh -s inetd

Check Contents

From the command prompt, execute the following command:
# grep "^discard[[:blank:]]" /etc/inetd.conf

If there is any output from the command, this is a finding.

Vulnerability Number

V-215377

Documentable

False

Rule Version

AIX7-00-003072

Severity Override Guidance

From the command prompt, execute the following command:
# grep "^discard[[:blank:]]" /etc/inetd.conf

If there is any output from the command, this is a finding.

Check Content Reference

M

Target Key

4012

Comments