The rwalld daemon must be disabled on AIX.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>The rwalld service allows remote users to broadcast system wide messages. The service runs as root and should be disabled unless absolutely necessary to prevent attacks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-215406r508663_rule
Severity: Medium
References: CCI-000381
Updated: 8 months ago

In "/etc/inetd.conf", comment out the "rwalld" entry by running command: 
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'rwalld' -p 'udp'

Restart inetd:
# refresh -s inetd

The rwalld daemon must be disabled on AIX.

Description

Remediation - Manual Procedure