Title

AIX telnet daemon must not be running. (Cat I impact)

Discussion

This telnet service is used to service remote user connections. This is historically the most commonly used remote access method for UNIX servers. The username and passwords are passed over the network in clear text and therefore insecurely. Unless required the telnetd daemon will be disabled. This function, if required, should be facilitated through SSH.

Check Content

Determine if the "telnet" daemon is running by running the following command: # grep -v '^#' /etc/inetd.conf | grep telnet If an entry is returned, this is a finding.

Fix Text

Disable the "telnet" entry in "/etc/inetd.conf" using command: # chsubserver -r inetd -C /etc/inetd.conf -d -v 'telnet' -p 'tcp6' Reload the inetd process: # refresh -s inetd

Additional Identifiers

Rule ID: SV-215258r987796_rule

Vulnerability ID: V-215258

Group Title: SRG-OS-000074-GPOS-00042

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.