[ibm-aix-ibmi-hosting] Recurring security scans - and actions to be taken.

Daniel Black daniel at mariadb.org
Wed Aug 25 03:44:26 UTC 2021


Opps, me looks up

On Thu, Aug 19, 2021 at 6:44 AM Michael Felt <aixtools at felt.demon.nl> wrote:
>
> If you don't need any of the inetd services - also stop the inetd process.
>
> # /usr/sbin/chrctcp -S -d inetd
>


On Wed, Aug 25, 2021 at 1:43 PM Daniel Black <daniel at mariadb.org> wrote:
>
> On Wed, Aug 25, 2021 at 10:09 AM Lance Albertson <lance at osuosl.org> wrote:
> >
> > All,
> >
> > Thanks for resolving the issues as reported last week. It looks like all of the ntp problems have been resolved! I've attached the report from yesterday so everyone can see.
> >
> > However we do have a few issues left that need to be fixed. It appears that rexecd is running again on p8-aix1-mariadb.osuosl.org. We need to make sure that service is either disabled always or at least blocked off.
>
> Thanks Lance,
>
> Seems corrected - (thanks Michael?)
>
> root at p8-aix1-mariadb:[/root]egrep -v '^(#|$)' /etc/inetd.conf
> daytime stream  tcp     nowait  root    internal
> time    stream  tcp     nowait  root    internal
> daytime dgram   udp     wait    root    internal
> time    dgram   udp     wait    root    internal
> xmquery dgram   udp6    wait    root    /usr/bin/xmtopas xmtopas -p3
> caa_cfg stream  tcp6    nowait  root    /usr/sbin/clusterconf
> clusterconf >>/var/adm/ras/clusterconf.log 2>&1
>
> root at p8-aix1-mariadb:[/root]grep exec /etc/inetd.conf
> ##      needs to be executed for inetd to re-read the inetd.conf file.
> #exec    stream  tcp6    nowait  root    /usr/sbin/rexecd       rexecd
>
> Is disabling inetd possible/recommended?
>
> Is commenting all /etc/inetd.conf service the right way?
>
> Is disabling /etc/rc.tcpip to disable inetd and others sane?
>
> https://www.ibm.com/docs/en/aix/7.1?topic=files-rctcpip-file-tcpip
>
> > I'll check back on this next week to see any progress.


More information about the ibm-aix-ibmi-hosting mailing list