STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215352

CAT II (Medium)

If NFS is not required on AIX, the NFS daemon must be disabled.

Rule ID

SV-215352r958478_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-000381

Discussion

The rcnfs entry starts the NFS daemons during system boot. NFS is a service with numerous historical vulnerabilities and should not be enabled unless there is no alternative. If NFS serving is required, then read-only exports are recommended and no filesystem or directory should be exported with root access. Unless otherwise required the NFS daemons (rcnfs) will be disabled.

Check Content

From the command prompt, execute the following command:
# lsitab rcnfs

If the command yields any output, this is a finding.

Fix Text

In "/etc/inittab", remove the "rcnfs" entry by running the following command:
# rmitab rcnfs

To request the init command to re-examine the "/etc/inittab" file, enter: 
# telinit q