The telnet daemon must not be running.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24386 | GEN003850 M6 | SV-38213r1_rule | DCPP-1 | High |
| Description |
|---|
| The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. |
| STIG | Date |
|---|---|
| MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft | 2013-01-10 |
Details
| Check Text ( C-37679r1_chk ) |
|---|
| Open a terminal session and enter the following command to verify telnet is disabled. defaults read /var/db/launchd.db/com.apple.launchd/overrides com.apple.telnetd If a 1 is not returned, this is a finding. |
| Fix Text (F-32919r1_fix) |
|---|
| Open a terminal session and use the following command to disable telnet. launchctl unload -w /System/Library/LaunchDaemons/telnet.plist NOTE: This command is being run to adjust the overrides file; unloading errors are normal, repeat the check to verify. |