Check: GEN003825
HP-UX 11.31 STIG:
GEN003825
(in versions v1 r19 through v1 r13)
Title
The remshd service must not be installed. (Cat II impact)
Discussion
The remshd process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service.
Check Content
Determine if remshd is installed/running: # cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | \ grep remshd If the above command returns any evidence of the remshd service, this is a finding.
Fix Text
Uninstall the remshd service from the system. # cat /etc/inetd.conf | grep -n remshd Edit the /etc/inetd.conf file and comment the line entry for remshd, then reconfigure inetd via: # inetd -c
Additional Identifiers
Rule ID: SV-35129r1_rule
Vulnerability ID: V-22431
Group Title: GEN003825
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000305 |
The organization develops a list of software programs not authorized to execute on the information system. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |