CCE-90706-3Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable Red Hat Network Service (rhnsd)
The Red Hat Network service automatically queries Red Hat Network
servers to determine whether there are any actions that should be executed,
such as package updates. This only occurs if the system was registered to an
RHN server or satellite and managed as such.
The 'rhnsd' service can be disabled with the following command:
'$ sudo systemctl disable rhnsd'
Parameter:
Technical Mechanism:
Although systems management and patching is extremely important to
system security, management by a system outside the enterprise enclave is not
desirable for some environments. However, if the system is being managed by RHN or
RHN Satellite Server the 'rhnsd' daemon can remain on.
Fix:
#
# Disable rhnsd for all run levels
#
chkconfig --level 0123456 rhnsd off
#
# Stop rhnsd if currently running
#
service rhnsd stop
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31120 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30397 |