SV-216059r603268_rule
V-216059
SRG-OS-000480
SOL-11.1-020170
CAT II
10
The Service Management profile is required.
If services such as portmap or rpcbind are required for system operations, the operator must document the services used and obtain approval from their Authorizing Official. They should also document the method(s) of blocking all other remote accesses through tools like a firewall or tcp_wrappers.
Otherwise, configure the rpc/bind service for local only access.
# svccfg -s network/rpc/bind setprop config/local_only=true
Check the status of the rpcbind service local_only property.
# svcprop -p config/local_only network/rpc/bind
If the state is not "true", this is a finding, unless it is required for system operations, then this is not a finding.
V-216059
False
SOL-11.1-020170
Check the status of the rpcbind service local_only property.
# svcprop -p config/local_only network/rpc/bind
If the state is not "true", this is a finding, unless it is required for system operations, then this is not a finding.
M
4021