Check: GEN003850
HP-UX 11.31 STIG:
GEN003850
(in versions v1 r19 through v1 r13)
Title
The telnet daemon must not be running. (Cat I impact)
Discussion
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
Check Content
Consult vendor documentation to determine the method for determining if the telnet daemon is running. If the system uses inetd, use the following procedure: # cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' |grep -v "^#" | \ cut -f 6,7 -d " " | grep -c -i telnetd If the above command returns a number greater than 0, the telnet daemon is running. If the telnet daemon is running, this is a finding.
Fix Text
Consult vendor documentation to determine the procedure to disable the telnet daemon. If the system uses inetd, edit /etc/inetd.conf and comment out the telnetd line. Restart the inetd service via the following command: # inetd -c
Additional Identifiers
Rule ID: SV-35134r1_rule
Vulnerability ID: V-24386
Group Title: GEN003850
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000197 |
The information system, for password-based authentication, transmits only cryptographically-protected passwords. |
Controls
Number | Title |
---|---|
IA-5 (1) |
Password-Based Authentication |