Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-24386 | GEN003850 | SV-45809r1_rule | High |
Description |
---|
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide | 2018-09-19 |
Check Text ( C-43130r1_chk ) |
---|
# chkconfig --list | grep telnet If an entry is returned and any run level is “on” telnet is running. If the telnet daemon is running, this is a finding. |
Fix Text (F-39199r1_fix) |
---|
Identify the telnet service running and disable it. Procedure # insserv –r telnetd If telnet is running as an xinetd service, edit the /etc/xinetd.d file and set “disable = yes” and then restart the xinetd service: # rcxinetd restart disable the telnet server: chkconfig telnet off verify the telnet daemon is no longer running: # ps -ef |grep telnet |