
The rdisc service must not be running.


Overview

Finding ID: V-38650
Version: RHEL-06-000268
Rule ID: SV-50451r2_rule
IA Controls: (none listed)
Severity: Low
Description
General-purpose systems typically have their network and routing information configured statically by a system administrator. Workstations or some special-purpose systems often use DHCP (instead of IRDP) to retrieve dynamic network configuration information.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2018-03-01

Details

Check Text ( C-46210r1_chk )
To check that the "rdisc" service is disabled in system boot configuration, run the following command:

# chkconfig "rdisc" --list

Output should indicate the "rdisc" service has either not been installed, or has been disabled at all runlevels, as shown in the example below:

# chkconfig "rdisc" --list
"rdisc" 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Run the following command to verify "rdisc" is disabled through current runtime configuration:

# service rdisc status

If the service is disabled, the command will return the following output:

rdisc is stopped


If the service is running, this is a finding.
Fix Text (F-43599r2_fix)
The "rdisc" service implements the client side of the ICMP Internet Router Discovery Protocol (IRDP), which allows discovery of routers on the local subnet. If a router is discovered, the local routing table is updated with a corresponding default route. By default, this daemon is disabled. The "rdisc" service can be disabled with the following commands:

# chkconfig rdisc off
# service rdisc stop
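
The check text above can be scripted for repeated audits. The following is an added example, not part of the STIG: it classifies the output of the two check commands and reports a finding when the service is running. The function names, result strings and sample outputs are constructed for illustration, and the "is running" status wording and the "boot-enabled" result are assumptions of this example.

```shell
#!/bin/sh
# Added example: evaluate `chkconfig rdisc --list` and `service rdisc status`
# output against the V-38650 check text. Sample outputs below are constructed.

SAMPLE_OFF='rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off'
SAMPLE_ON='rdisc           0:off   1:off   2:on    3:on    4:on    5:on    6:off'
SAMPLE_ABSENT='error reading information on service rdisc: No such file or directory'
SAMPLE_STOPPED='rdisc is stopped'
SAMPLE_RUNNING='rdisc (pid  2417) is running...'

# Boot configuration: any runlevel marked "on" means rdisc starts at boot.
# Output with no runlevel columns at all is treated as "not installed".
rdisc_boot_state() {
    case $1 in
        *[0-6]:on*)  echo on-some-runlevel ;;
        *[0-6]:off*) echo off-all-runlevels ;;
        *)           echo not-installed ;;
    esac
}

# Runtime state from the init script's status line.
rdisc_runtime_state() {
    case $1 in
        *"is running"*) echo running ;;
        *"is stopped"*) echo stopped ;;
        *)              echo unknown ;;
    esac
}

# Combine both results. Per the check text, a running service is a finding.
# "boot-enabled" is this example's own label for a stopped service whose
# chkconfig output does not match the expected all-off line.
rdisc_check() {
    rc_boot=$(rdisc_boot_state "$1")
    rc_run=$(rdisc_runtime_state "$2")
    if [ "$rc_run" = running ]; then
        echo "finding boot=$rc_boot runtime=$rc_run"
    elif [ "$rc_boot" = on-some-runlevel ]; then
        echo "boot-enabled boot=$rc_boot runtime=$rc_run"
    else
        echo "pass boot=$rc_boot runtime=$rc_run"
    fi
}

# Run the two check commands on the local host and evaluate them.
rdisc_check_live() {
    rdisc_check "$(chkconfig rdisc --list 2>&1)" "$(service rdisc status 2>&1)"
}
```

On a RHEL 6 host, source the file and call `rdisc_check_live` as root; the first word of the result is the verdict.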