UCF STIG Viewer Logo

The telnet daemon must not be running.


Overview

Finding ID Version Rule ID IA Controls Severity
V-24386 GEN003850 SV-30063r1_rule DCPP-1 High
Description
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
STIG Date
SOLARIS 9 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE 2015-10-01

Details

Check Text ( C-30815r1_chk )
Consult vendor documentation to determine the method for determining if the telnet daemon is running. If the system uses inetd, use the following procedure.
# grep -v '^#' /etc/inetd.conf | grep telnet
If an entry is returned, the telnet daemon is running.

If the telnet daemon is running, this is a finding.
Fix Text (F-27396r1_fix)
Consult vendor documentation to determine the procedure to disable the telnet daemon. If the system uses inetd, use the following procedure.
Edit the /etc/inetd.conf file and comment out the telnetd line.
Restart or reload the inetd process.