The rlogind service must not be running.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-220040 | GEN003830 | SV-220040r603265_rule | Medium |
| Description |
|---|
| The rlogind process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service. Satisfies: SRG-OS-000033, SRG-OS-000505, SRG-OS-000555 |
| STIG | Date |
|---|---|
| Solaris 10 SPARC Security Technical Implementation Guide | 2020-12-04 |
Details
| Check Text ( C-21749r485047_chk ) |
|---|
| Determine if the rlogind service is running. # svcs rlogin If the rlogin service is enabled, this is a finding. |
| Fix Text (F-21748r485048_fix) |
|---|
| Disable the rlogind service. # svcadm disable rlogin # svcadm refresh inetd |