GEN000000-AIX0300 – The system must not have the bootp service active.

Details

The bootp service is used for Network Installation Management (NIM) and remote booting of systems. The bootp service should not be active unless it is needed for NIM servers or booting remote systems. Running unnecessary services increases the attack vector of the system.

Solution

Disable the bootp service from /etc/inetd.conf.

Edit /etc/inetd.conf and comment out bootp service line.

Restart the inetd service.
#refresh -s inetd

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-4(8)
CAT|II
CCI|CCI-000032
CSCv6|9.1
Group-ID|V-29499
Rule-ID|SV-38703r1_rule
STIG-ID|GEN000000-AIX0300
Vuln-ID|V-29499

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles