UCF STIG Viewer Logo

The rexec daemon must not be running.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4688 GEN003840 SV-35132r2_rule High
Description
The rexecd process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service.
STIG Date
HP-UX 11.31 Security Technical Implementation Guide 2018-09-14

Details

Check Text ( C-34990r3_chk )
# cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' |grep -v "^#" | \
cut -f 6,7 -d " " | grep -c -i rexecd

If any results are returned, this is a finding.
Fix Text (F-30284r1_fix)
Edit /etc/inetd.conf and comment out the line for the rexec daemon service. Restart the inetd service via the following command:
# inetd -c