Check: TSS0-UT-000050
IBM z/OS TSS STIG:
TSS0-UT-000050
(in versions v9 r2 through v7 r1)
Title
The IBM z/OS UNIX Telnet server warning banner must be properly specified. (Cat II impact)
Discussion
Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
Check Content
From the ISPF Command Shell enter: OMVS cat inetd.conf If the otelnet startup command includes option "-h" this is a finding.
Fix Text
The otelnetd startup command should not include the option "-h", where: -h indicates that the logon banner should not be displayed.
Additional Identifiers
Rule ID: SV-224103r958586_rule
Vulnerability ID: V-224103
Group Title: SRG-OS-000228-GPOS-00088
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001384 |
For publicly accessible systems, display system use information with organization-defined conditions before granting further access to the publicly accessible system. |
CCI-001385 |
For publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
CCI-001386 |
For publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
CCI-001387 |
For publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities. |
CCI-001388 |
For publicly accessible systems, includes a description of the authorized uses of the system. |
Controls
Number | Title |
---|---|
AC-8 |
System Use Notification |