====== 2.1.3 Ensure discard services are not enabled (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server 
Level 1 - Workstation
</code>

=====Description=====
''discard'' is a network service that simply discards all data it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

=====Rationale=====
Disabling this service will reduce the remote attack surface of the system.

=====Audit===== 
Run the following command and verify ''discard-dgram'' and ''discard-stream'' are off or missing:
<Code:bash>
# chkconfig --list
 xinetd based services:
   discard-dgram: off 
   discard-stream: off
</Code>

=====Remediation===== 
Run the following commands to disable ''discard-dgram'' and ''discard-stream'':
<Code:bash>
# chkconfig discard-dgram off 
# chkconfig discard-stream off
</Code>