3.1.5.22 rusersd

Information

This entry starts the rsusersd daemon when required. This service provides a list of current users active on a system.

Rationale:

The rusersd service runs as root and provides a list of current users active on a system. An attacker may use this service to learn valid account names on the system. This is not an essential service and should be disabled.

Solution

Use chsubserver to disable this service in /etc/inetd.conf:

chsubserver -r inetd -C /etc/inetd.conf -d -v 'rusersd' -p 'udp'
refresh -s inetd

Default Value:

Disabled

See Also

https://workbench.cisecurity.org/files/4119

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Unix

Control ID: fbb47da64f5b00d33f79fd40f534e48f44b02c86c54d4ad52a10a9b937b0648f