An XCCDF Group - A logical subset of the XCCDF Benchmark
firewalld
rsync
$ sudo yum erase rsync
rsyncd
$ sudo systemctl mask --now rsyncd.service
xinetd
tcp_wrappers
$ sudo yum install tcp_wrappers
$ sudo yum erase xinetd
$ sudo systemctl mask --now xinetd.service
/etc/hosts.deny
/etc/hosts.allow
ALL: ALL
$ sudo chgrp root /etc/hosts.allow
$ sudo chgrp root /etc/hosts.deny
$ sudo chown root /etc/hosts.allow
$ sudo chown root /etc/hosts.deny
$ sudo chmod 0644 /etc/hosts.allow
$ sudo chmod 0644 /etc/hosts.deny
ypbind
ypserv
$ sudo yum erase ypserv
$ sudo systemctl mask --now ypbind.service
$ sudo systemctl mask --now ypserv.service
rsh-server
$ sudo yum erase rsh-server
rsh
rexec
disable
yes
/etc/xinetd.d/rexec
$ sudo systemctl mask --now rexec.socket
rlogin
/etc/xinetd.d/rlogin
$ sudo systemctl mask --now rlogin.socket
/etc/xinetd.d/rsh
$ sudo systemctl mask --now rsh.socket
shosts.equiv
$ sudo rm /[path]/[to]/[file]/shosts.equiv
/etc/hosts.equiv
~/.rhosts
$ sudo rm /etc/hosts.equiv
$ rm ~/.rhosts
~/.shosts
$ sudo find / -name '.shosts' -type f -delete
talk-server
$ sudo yum erase talk-server
talk
$ sudo yum erase talk
telnet-server
$ sudo yum erase telnet-server
telnet
$ sudo systemctl mask --now telnet.socket
tftp-server
$ sudo yum erase tftp-server
tftp
$ sudo systemctl mask --now tftp.service
/etc/xinetd.d/tftp
-s
server_args = -s