Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== 2.1.3 Ensure discard services are not enabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== ''discard'' is a network service that simply discards all data it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled. =====Rationale===== Disabling this service will reduce the remote attack surface of the system. =====Audit===== Run the following command and verify ''discard-dgram'' and ''discard-stream'' are off or missing: <Code:bash> # chkconfig --list xinetd based services: discard-dgram: off discard-stream: off </Code> =====Remediation===== Run the following commands to disable ''discard-dgram'' and ''discard-stream'': <Code:bash> # chkconfig discard-dgram off # chkconfig discard-stream off </Code> centos7/2/1/3.txt Last modified: 2017/05/04 15:24by Piotr Kłoczewski