UCF STIG Viewer Logo

The telnet daemon must not be running.


Overview

Finding ID Version Rule ID IA Controls Severity
V-24386 GEN003850 SV-45809r1_rule High
Description
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43130r1_chk )
# chkconfig --list | grep telnet
If an entry is returned and any run level is “on” telnet is running.

If the telnet daemon is running, this is a finding.
Fix Text (F-39199r1_fix)
Identify the telnet service running and disable it.

Procedure
# insserv –r telnetd

If telnet is running as an xinetd service, edit the /etc/xinetd.d file and set “disable = yes” and then restart the xinetd service:
# rcxinetd restart


disable the telnet server:
chkconfig telnet off

verify the telnet daemon is no longer running:

# ps -ef |grep telnet