AIX

Hello everyone,

does the CIMSERVER service come by default with the AIX installation?

I want to disable it because of the "SSL Version 2 and 3 Protocol Detection" vulnerability (port 5989), but I need to know if anything could be affected within the OS by doing it.


PAP2264 # netstat -Aan | grep 5989
f1000e00001803b8 tcp 0 0 *.5989 *.* LISTEN

PAP2264 # rmsock f1000e00001803b8 tcpcb
The socket 0xf1000e0000180008 is being held by proccess 5111970 (cimserver).

PAP2264 # ps -ef | grep 5111970 | grep -v grep
root 5111970 1 0 Jul 02 - 0:47 [cimserve]


Is it safe to disable this service?


Thanks.

------------------------------
Juan Burgos
------------------------------

Hello Juan,

if you installed everything, then it comes "by default" with AIX. Otherwise I don't see any problem to disable it. On my AIX servers it is usually NOT installed at all. It was used in times of IBM Systems Director, but the product is cancelled and usually not needed.

https://www.ibm.com/support/pages/how-remove-aix-ibm-systems-director-filesets

------------------------------
Andrey Klyachkin

https://www.power-devops.com
------------------------------

Original Message:
Sent: Fri September 23, 2022 11:54 AM
From: Juan Burgos
Subject: disable CIMSERVER

Hello everyone,

does the CIMSERVER service come by default with the AIX installation?

I want to disable it because of the "SSL Version 2 and 3 Protocol Detection" vulnerability (port 5989), but I need to know if anything could be affected within the OS by doing it.


PAP2264 # netstat -Aan | grep 5989
f1000e00001803b8 tcp 0 0 *.5989 *.* LISTEN

PAP2264 # rmsock f1000e00001803b8 tcpcb
The socket 0xf1000e0000180008 is being held by proccess 5111970 (cimserver).

PAP2264 # ps -ef | grep 5111970 | grep -v grep
root 5111970 1 0 Jul 02 - 0:47 [cimserve]


Is it safe to disable this service?


Thanks.

------------------------------
Juan Burgos
------------------------------