Disable rquotad unless rquotad is absolutely necessary.
CONTROL ID 01473
CONTROL TYPE Configuration
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880
This Control has the following implementation support Control(s):
Configure the rquotad service to use a static port or a dynamic portmapper port as appropriate., CC ID: 05983
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Only enable rquotad if absolutely necessary. (§ 2.8, The Center for Internet Security AIX Benchmark, 1.0.1)
Only enable rquotad if absolutely necessary. (§ 2.7, The Center for Internet Security HP-UX Benchmark, 1.4.2)
Only enable rquotad if absolutely necessary. (§ 2.16, The Center for Internet Security Solaris 10 Benchmark, 2.1.2)
Only enable rquotad if absolutely necessary. (§ 2.7, The Center for Internet Security Solaris Benchmark, 1.5.0)
For Solaris, the organization must configure the system to disable rquotad. (Table F-6, CMS Business Partners Systems Security Manual, Rev. 10)
rquotad service should be enabled or disabled as appropriate
Technical Mechanisms:
via inetd
via inetd.conf
Parameters:
enabled/disabled
References:
10.8.10.5.4.1 (11) #28 (CCE-5223-3, Common Configuration Enumeration List, Combined XML: AIX 5.3, 5.20130214)
rquotad service should be enabled or disabled as appropriate
Technical Mechanisms:
via inetd
via inetd.conf
Parameters:
enabled/disabled
References:
10.8.10.5.4.1 (11) #28 (CCE-6070-7, Common Configuration Enumeration List, Combined XML: HP-UX 11.23, 5.20130214)
rquotad service should be enabled or disabled as appropriate
Technical Mechanisms:
via xinetd
Parameters:
enabled/disabled
References:
10.8.10.5.4.1 (11) #28 (CCE-5836-2, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)
rquotad service should be enabled or disabled as appropriate
Technical Mechanisms:
via inetd
via inetd.conf
Parameters:
enabled/disabled
References:
10.8.10.5.4.1 (11) #28 (CCE-6776-9, Common Configuration Enumeration List, Combined XML: Sun Solaris 8, 5.20130214)
rquotad service should be enabled or disabled as appropriate
Technical Mechanisms:
via inetd
via inetd.conf
Parameters:
enabled/disabled
References:
10.8.10.5.4.1 (11) #28 (CCE-6945-0, Common Configuration Enumeration List, Combined XML: Sun Solaris 9, 5.20130214)
Only enable rquotad if absolutely necessary. (App C § 2.7, NSA Guide to the Secure Configuration of Solaris 9, Version 1.0)