3.3.4.1 bootps

Information

This entry starts the command /usr/sbin/bootpd when required. This service is used to provide boot partition data for a network boot. It uses the same UDP port as DHCP server dhcpsd.

The recommendation is to disable this service UNLESS you are operating a NIM server. When using NIM bootps as a service is accepted, but the preference would be to configure a DHCP server with the equivalent information.

Rationale:

The bootpd command implements an Internet Boot Protocol server.

Solution

In /etc/inetd.conf, comment out the bootps entry and refresh the inetd process:

chsubserver -r inetd -C /etc/inetd.conf -d -v 'daytime' -p udp
lssrc -s inetd && refresh -s inetd

Default Value:

Disabled

See Also

https://workbench.cisecurity.org/files/3525

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Unix

Control ID: 50286a5717976681fe7341becb15561ff908906064d97f9df452a52fbb330920