UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The AIX rlogind service must be disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-215347 AIX7-00-003041 SV-215347r877396_rule High
Description
The rlogin daemon permits username and passwords to be passed over the network in clear text.
STIG Date
IBM AIX 7.x Security Technical Implementation Guide 2023-08-23

Details

Check Text ( C-16545r294492_chk )
Determine if the "rlogind" service is running by running the following command:
# grep -v "^#" /etc/inetd.conf |grep rlogin

If the above grep command returned a line that contains "rlogin", this is a finding.
Fix Text (F-16543r294493_fix)
Disable the rlogind service by editing the "'etc/inetd.conf" file.

# vi /etc/inetd.conf

Comment out the "rlogind" service.

Restart the inetd service:
# refresh -s inetd