Check or Attack Name: rstatout

The rstat service was found. The rstatd daemon has provided information to a request. The rstatd daemon gives an attacker the following information:

• When the machine was last booted, possibly revealing the maintenance schedule or the host's reliability.
• How much CPU it is using, providing a load average.
• How many disks it has, providing the attacker with the storage layout for the host.
• How many packets have reached it, indicating the amount of network traffic processed by the host.

Disable the rstat service. Comment out rstat from the /etc/inetd.conf file by putting a # at the beginning of the line and sending a HUP signal to the inetd (# kill -HUP <inetd.pid>).