The rwalld daemon must be disabled on AIX.
An XCCDF Rule
Description
The rwalld service allows remote users to broadcast system wide messages. The service runs as root and should be disabled unless absolutely necessary to prevent attacks.
- ID
- SV-215406r958478_rule
- Version
- AIX7-00-003105
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
In "/etc/inetd.conf", comment out the "rwalld" entry by running command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'rwalld' -p 'udp'
Restart inetd:
# refresh -s inetd