The echo daemon must be disabled on AIX.

An XCCDF Rule

Details
Profiles

Description

The echo service can be used in Denial of Service or SMURF attacks. It can also be used by someone else to get through a firewall or start a data storm. The echo service is unnecessary and it increases the attack vector of the system.

ID: SV-215391r958478_rule
Version: AIX7-00-003086
Severity: Medium
References: CCI-000381
Updated: 24 days ago

Remediation Templates

In "/etc/inetd.conf", comment out the "echo" entries by running commands: 
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'echo' -p 'tcp'
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'echo' -p 'udp'

Restart inetd:
# refresh -s inetd

The echo daemon must be disabled on AIX.

Description

Remediation Templates

A Manual Procedure