The rstatd daemon must be disabled on AIX.

An XCCDF Rule

Details
Profiles

Description

The rstatd service is used to provide kernel statistics and other monitorable parameters pertinent to the system such as: CPU usage, system uptime, network usage etc. An attacker may use this information in a DoS attack. This service should be disabled.

ID: SV-215380r958478_rule
Version: AIX7-00-003075
Severity: Medium
References: CCI-000381
Updated: 24 days ago

Remediation Templates

In "/etc/inetd.conf", comment out the "rstatd" entry by running command: 
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'rstatd' -p 'udp'

Restart inetd:
# refresh -s inetd

The rstatd daemon must be disabled on AIX.

Description

Remediation Templates

A Manual Procedure