RHEL-06-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless using RHN or an RHN Satellite - 'CHKCONFIG'.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Although systems management and patching is extremely important to system security, management by a system outside the enterprise enclave is not desirable for some environments. However, if the system is being managed by RHN or RHN Satellite Server the 'rhnsd' daemon can remain on.

Solution

The Red Hat Network service automatically queries Red Hat Network servers to determine whether there are any actions that should be executed, such as package updates. This only occurs if the system was registered to an RHN server or satellite and managed as such. The 'rhnsd' service can be disabled with the following commands:

# chkconfig rhnsd off
# service rhnsd stop

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_6_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|III, CCI|CCI-000382, CSCv6|9.1, Rule-ID|SV-217853r505923_rule, STIG-ID|RHEL-06-000009, STIG-Legacy|SV-50278, STIG-Legacy|V-38478, Vuln-ID|V-217853

Plugin: Unix

Control ID: f03ee8580f273e5c62e57dac80eb2241fb1638df7c296254bd2a4888db58a814