The rwalld daemon must be disabled on AIX.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215406 | SRG-OS-000095-GPOS-00049 | AIX7-00-003105 | SV-215406r958478_rule | 2026-02-06 | 3 |
Description
The rwalld service allows remote users to broadcast system wide messages. The service runs as root and should be disabled unless absolutely necessary to prevent attacks.
ℹ️ Check
From the command prompt, execute the following command:
# grep "^rwalld[[:blank:]]" /etc/inetd.conf
If there is any output from the command, this is a finding.
✔️ Fix
In "/etc/inetd.conf", comment out the "rwalld" entry by running command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'rwalld' -p 'udp'
Restart inetd:
# refresh -s inetd