Check: AIX7-00-003040
IBM AIX 7.x STIG:
AIX7-00-003040
(in versions v3 r1 through v1 r1)
Title
The AIX rsh daemon must be disabled. (Cat I impact)
Discussion
The rsh daemon permits username and passwords to be passed over the network in clear text.
Check Content
From the command prompt, run the following command: # grep -v "^#" /etc/inetd.conf |grep rshd The above command may show the daemon is enabled like this: shell stream tcp6 nowait root /usr/sbin/rshd rshd If the above grep command returned a line that contains "rshd", this is a finding.
Fix Text
Edit the "/etc/inetd.conf" file and comment out the "rshd" service. Restart the inetd service: # refresh -s inetd
Additional Identifiers
Rule ID: SV-215346r987796_rule
Vulnerability ID: V-215346
Group Title: SRG-OS-000074-GPOS-00042
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000197 |
For password-based authentication, transmit passwords only over cryptographically-protected channels. |
Controls
Number | Title |
---|---|
IA-5(1) |
Password-based Authentication |