[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90305-4

Platform: macosx10.10Date: (C)2015-06-23   (M)2022-10-10



Disable NFS Services if Not in Use If the system does not require access to NFS (Network File System) file shares or is not acting as an NFS server, then support for NFS is non-essential and NFS services must be disabled. NFS is a network file system protocol supported by Unix-like operating systems. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.


Parameter:

enabled/disabled


Technical Mechanism:

The NFS daemon must be disabled. To check if NFS is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c 'print com.apple.nfsd:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't 'true', this is a finding. The NFS lock daemon must be disabled. To check if the NFS lock daemon is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c 'print com.apple.lockd:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't 'true', this is a finding. The NFS stat daemon must be disabled. To check if the NFS stat daemon is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c 'print com.apple.statd.notify:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't 'true', this is a finding.

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
NISTCM-7 a
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25082
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31670
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25082
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31670
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25082
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31670
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25082


OVAL    2
oval:org.secpod.oval:def:25082
oval:org.secpod.oval:def:31670

© SecPod Technologies