The daytime daemon must be disabled on AIX.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215369 | SRG-OS-000095-GPOS-00049 | AIX7-00-003064 | SV-215369r958478_rule | 2026-02-06 | 3 |
Description
The daytime service provides the current date and time to other servers on a network.
This daytime service is a defunct time service, typically used for testing purposes only. The service should be disabled as it can leave the system vulnerable to DoS ping attacks.
ℹ️ Check
From the command prompt, execute the following command:
# grep "^daytime[[:blank:]]" /etc/inetd.conf
If there is any output from the command, this is a finding.
✔️ Fix
In "/etc/inetd.conf", comment out the "daytime" entries by running commands:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'daytime' -p 'tcp'
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'daytime' -p 'udp'
Restart inetd:
# refresh -s inetd