The SERVICES file contains information on the known services available on the Internet.
When LISTNER starts, it reads the SERVICES file to resolve the services configured in the PORTCONF file, and checks that the service name and corresponding port are valid. Once the accuracy of the PORTCONF file content is verified against the SERVICES file, the LISTNER process listens to the configured ports, waiting for incoming connection requests from remote clients .
Additionally, the HOSTS file maintains the list of host IP addresses. It is likewise consulted for HOST address information.
RISK LISTNER resolves services configured in PORTCONF. If the services are not configured properly, programs such as FTP will not function.
RISK There may be more than one SERVICES and HOSTS file active to separate LISTNER processes. If more than one is used, it can become confusing, because it is sometimes difficult to determine which LISTNER is using which file.
BP-FILE-SERVICES-01 SERVICES should be secured "NUUU".
BP-OPSYS-OWNER-03 SERVICES should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-03 SERVICES resides in $SYSTEM.ZTCPIP
BP-FILE-HOSTS-01 HOSTS should be secured "NUUU".
BP-OPSYS-OWNER-03 HOSTS should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-03 HOSTS resides in $SYSTEM.ZTCPIP
If available, use Safeguard software or a third party object security product to grant access to SERVICES only to users who require it in order to perform their jobs.
BP-SAFE-SERVICES-01 Add a Safeguard Protection Record to grant appropriate access to the SERVICES file.
BP-SAFE - HOSTS-01 Add a Safeguard Protection Record to grant appropriate access to the HOSTS file.
Discovery Questions | Look here: | |
---|---|---|
FILE-POLICY | Who is allowed to modify the HOSTS and SERVICES file? | Policy |
OPSYS-OWNER-03 | Who owns the SERVICES object file? | Fileinfo |
OPSYS-OWNER-03 | Who owns the HOSTS object file? | Fileinfo |
FILE-SERVICES-01 SAFE-SERVICES-01 | Is the SERVICES file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |
FILE-HOSTS-01 | Is the HOSTS file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |