UCF STIG Viewer Logo

The rlogind service must not be installed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22433 GEN003835 SV-35131r1_rule DCPP-1 Medium
Description
The rlogind process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service.
STIG Date
HP-UX 11.31 Security Technical Implementation Guide 2018-09-14

Details

Check Text ( C-36539r1_chk )
Determine if the rlogind service is installed.
# cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | grep -c rlogind

If rlogind is found to be installed, this is a finding.
Fix Text (F-31903r1_fix)
Edit /etc/inetd.conf and comment out the rlogind service:
# vi /etc/inetd.conf

Restart the inetd service via the following command:
# inetd -c

Disable the rlogind binary:
chmod 000 /usr/lbin/rlogind

Additionally, the binary name may also be changed:
mv /usr/lbin/rlogind /usr/lbin/