AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-91295	AIX7-00-003005	SV-101393r1_rule		High

Description
The listed applications permit the transmission of passwords in plain text. Alternative applications such as SSH, which encrypt data, should be use instead.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2020-02-24

Details

Check Text ( C-90449r1_chk )
From the command prompt, execute the following commands: # ls -l /usr/bin/rcp \| awk '{print $1}' # ls -l /usr/bin/rlogin \| awk '{print $1}' # ls -l /usr/bin/rsh \| awk '{print $1}' # ls -l /usr/bin/telnet \| awk '{print $1}' # ls -l /usr/bin/rexec \| awk '{print $1}' Each of the above commands should return with the following permissions: ---------- If the permissions are more permissive, this is a finding.

Check Text ( C-90449r1_chk )

From the command prompt, execute the following commands:
# ls -l /usr/bin/rcp | awk '{print $1}'
# ls -l /usr/bin/rlogin | awk '{print $1}'
# ls -l /usr/bin/rsh | awk '{print $1}'
# ls -l /usr/bin/telnet | awk '{print $1}'
# ls -l /usr/bin/rexec | awk '{print $1}'

Each of the above commands should return with the following permissions:
----------

If the permissions are more permissive, this is a finding.

Fix Text (F-97493r1_fix)
Use the chmod command to remove all permissions on these commands: # chmod ugo= /usr/bin/rcp # chmod ugo= /usr/bin/rlogin # chmod ugo= /usr/bin/rsh # chmod ugo= /usr/bin/rexec # chmod ugo= /usr/bin/telnet