Check: RHEL-06-000211
Red Hat Enterprise Linux 6 STIG:
RHEL-06-000211
(in versions v2 r2 through v1 r14)
Title
The telnet daemon must not be running. (Cat I impact)
Discussion
The telnet protocol uses unencrypted network communication: everything in a login session, including passwords and all other data exchanged during the session, crosses the network in cleartext and can be captured by anyone able to observe traffic on the path. Because the connection is neither encrypted nor authenticated at the protocol level, telnet is also subject to man-in-the-middle attacks.

Mitigation: If an enabled telnet daemon is configured to accept only encrypted sessions, such as Kerberos-authenticated telnet or a daemon reachable only through an encrypted network tunnel, the risk of exposing sensitive information is mitigated. A daemon that still accepts plain sessions alongside encrypted ones does not qualify.
Check Content
To check that the "telnet" service is disabled in the system boot configuration, run the following command:

    # chkconfig "telnet" --list

The output should indicate that the "telnet" service has either not been installed or has been disabled, as shown in the examples below:

    # chkconfig "telnet" --list
    telnet off

OR

    error reading information on service telnet: No such file or directory

If the service is running, this is a finding.

Note that chkconfig reports only the boot configuration (on RHEL 6 telnet is an xinetd-managed service), so a daemon that was enabled by other means and is currently accepting connections on TCP port 23 is still a finding even if chkconfig reports "off".
Fix Text
The "telnet" service can be disabled with the following command:

    # chkconfig telnet off
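The check and fix above amount to a small decision rule: not installed or "off" is compliant, "on" or a daemon actually listening is a finding. The script below is an added example, not part of the STIG and not a DISA tool: it applies that rule to captured output of chkconfig and netstat so the logic can be exercised offline, and optionally runs the live check (and the STIG's fix) on a RHEL 6 host. The sample outputs embedded in it are constructed rather than captured from a real system, and the function names, the --run/--fix flags, and the choice of `netstat -tln` with a TCP/23 listener as the "service is running" test are this example's own assumptions.

```shell
#!/bin/sh
# Added example for RHEL-06-000211 (not part of the STIG text or any DISA tool).
# Decision rule taken from the check and fix text:
#   telnet-server not installed ("No such file or directory") -> compliant
#   chkconfig reports "off"                                   -> compliant
#   chkconfig reports "on"                                    -> finding
#   a socket is listening on TCP/23 (service actually running) -> finding
# The netstat-based runtime test is this example's assumption, not STIG text.

# classify_chkconfig: $1 is the combined stdout/stderr of `chkconfig telnet --list`.
# Prints "compliant", "finding" or "unknown".
classify_chkconfig() {
    case "$1" in
        *"No such file or directory"*) echo compliant; return ;;
    esac
    # xinetd-based services print "telnet off" (as rendered in the STIG) or
    # "    telnet:    off" (real chkconfig layout); the state is always the
    # last field of the last non-empty line.
    state=$(printf '%s\n' "$1" | awk 'NF { s = $NF } END { print s }')
    case "$state" in
        off) echo compliant ;;
        on)  echo finding ;;
        *)   echo unknown ;;    # e.g. "chkconfig: command not found"
    esac
}

# classify_listeners: $1 is the output of `netstat -tln`. Prints "finding" if any
# TCP socket (IPv4 "0.0.0.0:23" or IPv6 ":::23") is bound to port 23.
classify_listeners() {
    if printf '%s\n' "$1" | awk '$1 ~ /^tcp/ && $4 ~ /:23$/ { found = 1 } END { exit !found }'; then
        echo finding
    else
        echo compliant
    fi
}

# verdict: combine boot configuration ($1) and runtime state ($2).
verdict() {
    cfg=$(classify_chkconfig "$1")
    run=$(classify_listeners "$2")
    if [ "$cfg" = finding ] || [ "$run" = finding ]; then
        echo finding
    elif [ "$cfg" = unknown ]; then
        echo unknown
    else
        echo compliant
    fi
}

# Constructed sample outputs (not captured from a real host) for offline use.
SAMPLE_NOT_INSTALLED='error reading information on service telnet: No such file or directory'
SAMPLE_OFF='xinetd based services:
        telnet:         off'
SAMPLE_ON='xinetd based services:
        telnet:         on'
SAMPLE_NETSTAT_CLEAN='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 :::22                       :::*                        LISTEN'
SAMPLE_NETSTAT_TELNET='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:23                  0.0.0.0:*                   LISTEN'

# Live check against this host (run as root on RHEL 6): `sh telnet_check.sh --run`.
# With `--run --fix`, a finding is remediated with the STIG's own fix command.
run_check() {
    cfg_out=$(chkconfig telnet --list 2>&1)
    net_out=$(netstat -tln 2>/dev/null)
    v=$(verdict "$cfg_out" "$net_out")
    echo "RHEL-06-000211: $v"
    if [ "$v" = finding ] && [ "${2:-}" = --fix ]; then
        chkconfig telnet off      # fix text from the STIG
        echo "applied: chkconfig telnet off (re-run --run to confirm nothing listens on TCP/23)"
    fi
}

if [ "${1:-}" = --run ]; then
    run_check "$@"
fi
```

The last-field parse deliberately tolerates both the flattened `telnet off` shown in the check text and the tabbed `telnet:  off` layout that chkconfig prints for xinetd services; anything else (for example a "command not found" message from a host without chkconfig) is reported as unknown rather than silently passed. The `/:23$/` match on the Local Address column catches IPv6 listeners, which RHEL 6 netstat prints as `:::23`.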
Additional Identifiers
Rule ID: SV-217984r603264_rule
Vulnerability ID: V-217984
Group Title: SRG-OS-000095
CCIs
Number | Definition |
---|---|
CCI-000381 | The organization configures the information system to provide only essential capabilities. |
CCI-000382 | The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
CCI-000888 | The organization employs cryptographic mechanisms to protect the integrity and confidentiality of non-local maintenance and diagnostic communications. |
Controls
Number | Title |
---|---|
CM-7 | Least Functionality |