UUCP contents.gifindex.gif

UUCP

This option checks for login availability through the uucp service. UUCP (UNIX-to-UNIX Copy Protocol) is used as a dial-up protocol, and may pose a security risk because of possible vulnerabilities. UUCP should only be run if required at your site.

Risk: Medium

Fix: Hosts that do not need to allow uucp access should disable it by placing a # at the beginning of the uucp line in the file /etc/inetd.conf and then sending the SIGHUP signal to the inetd process to restart the process. The disabled entry should resemble this line:

#uucp stream tcp nowait root /usr/etc/in.uucpd in.uucpd

Advisories: CA-92:06.AIX.uucp.vulnerability