Check: OSX8-00-00050
Apple OSX 10.8 STIG:
OSX8-00-00050
(in version v1 r2)
Title
The rsh service must be disabled. (Cat I impact)
Discussion
Some networking protocols may not meet security requirements to protect data and components. The organization can either make a determination as to the relative security of the networking protocol or base the security decision on the assessment of other entities. Based on that assessment some may be deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.
Check Content
The "rshd" service should be disabled. To check the status of the service, run the following command: sudo defaults read /System/Library/LaunchDaemons/shell Disabled If the result is not "1", this is a finding.
Fix Text
To set the "rshd" service to disabled, run the following command: sudo defaults write /System/Library/LaunchDaemons/shell Disabled 1
Additional Identifiers
Rule ID: SV-65627r1_rule
Vulnerability ID: V-51417
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |