An error occurred:

Check: UBTU-18-010105

Canonical Ubuntu 18.04 LTS STIG: UBTU-18-010105 (in versions v2 r14 through v2 r9)

Title

The Ubuntu operating system must not have the telnet package installed. (Cat I impact)

Discussion

Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.

Check Content

Verify that the telnet package is not installed on the Ubuntu operating system. Check that the telnet daemon is not installed on the Ubuntu operating system by running the following command: # dpkg -l | grep telnetd If the package is installed, this is a finding.

Fix Text

Remove the telnet package from the Ubuntu operating system by running the following command: # sudo apt-get remove telnetd

Additional Identifiers

Rule ID: SV-219177r877396_rule

Vulnerability ID: V-219177

Group Title: SRG-OS-000074-GPOS-00042

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000197

The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-5 (1)

Password-Based Authentication