Back

Disable rquotad unless rquotad is absolutely necessary.


CONTROL ID
01473
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

This Control has the following implementation support Control(s):
  • Configure the rquotad service to use a static port or a dynamic portmapper port as appropriate., CC ID: 05983


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Only enable rquotad if absolutely necessary. (§ 2.8, The Center for Internet Security AIX Benchmark, 1.0.1)
  • Only enable rquotad if absolutely necessary. (§ 2.7, The Center for Internet Security HP-UX Benchmark, 1.4.2)
  • Only enable rquotad if absolutely necessary. (§ 2.16, The Center for Internet Security Solaris 10 Benchmark, 2.1.2)
  • Only enable rquotad if absolutely necessary. (§ 2.7, The Center for Internet Security Solaris Benchmark, 1.5.0)
  • For Solaris, the organization must configure the system to disable rquotad. (Table F-6, CMS Business Partners Systems Security Manual, Rev. 10)
  • rquotad service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #28 (CCE-5223-3, Common Configuration Enumeration List, Combined XML: AIX 5.3, 5.20130214)
  • rquotad service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #28 (CCE-6070-7, Common Configuration Enumeration List, Combined XML: HP-UX 11.23, 5.20130214)
  • rquotad service should be enabled or disabled as appropriate Technical Mechanisms: via xinetd Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #28 (CCE-5836-2, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)
  • rquotad service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #28 (CCE-6776-9, Common Configuration Enumeration List, Combined XML: Sun Solaris 8, 5.20130214)
  • rquotad service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #28 (CCE-6945-0, Common Configuration Enumeration List, Combined XML: Sun Solaris 9, 5.20130214)
  • Only enable rquotad if absolutely necessary. (App C § 2.7, NSA Guide to the Secure Configuration of Solaris 9, Version 1.0)