UCF STIG Viewer Logo

The telnet daemon must not be running.


Overview

Finding ID Version Rule ID IA Controls Severity
V-24386 GEN003850 SV-38953r1_rule DCPP-1 High
Description
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
STIG Date
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2018-09-18

Details

Check Text ( C-30815r1_chk )
Consult vendor documentation to determine the method for determining if the telnet daemon is running. If the system uses inetd, use the following procedure.
# grep -v '^#' /etc/inetd.conf | grep telnet
If an entry is returned, the telnet daemon is running.

If the telnet daemon is running, this is a finding.
Fix Text (F-31868r1_fix)
Edit the /etc/inetd.conf file and comment out the telnet line.

Reload the inetd process.
# refresh -s inetd