Check: RHEL-06-000019
Red Hat Enterprise Linux 6 STIG: RHEL-06-000019 (in versions v2 r2 through v1 r14)
Title
There must be no .rhosts or hosts.equiv files on the system. (Cat I impact)
Discussion
Trust files are convenient, but when used in conjunction with the R-services, they can allow unauthenticated access to a system.
Check Content
The existence of the file "/etc/hosts.equiv" or a file named ".rhosts" inside a user home directory indicates the presence of an Rsh trust relationship. If these files exist, this is a finding.
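One way to automate this check, as an added example that is not part of the STIG text: the function takes each home directory from the passwd file rather than assuming everything lives under /home. The `root` prefix argument is a hypothetical convenience for auditing a mounted image or a test tree.

```shell
#!/bin/sh
# Added example: report rsh trust files (hosts.equiv, .rhosts).
# "root" is a hypothetical prefix argument; empty means the live system.

# Prints every trust file found, one path per line.
# Returns 1 if anything was found (a finding), 0 if none exist.
find_rsh_trust_files() {
    root="${1:-}"
    found=0

    # System-wide trust file.
    if [ -e "$root/etc/hosts.equiv" ]; then
        printf '%s\n' "$root/etc/hosts.equiv"
        found=1
    fi

    # Per-user trust files: unique home directories are field 6 of passwd,
    # which also covers root and service accounts outside /home.
    homes=$(cut -d: -f6 "$root/etc/passwd" | sort -u)

    # Here-document instead of a pipe so "found" is set in this shell,
    # and so unusual characters in a path are never glob-expanded.
    while IFS= read -r home; do
        [ -n "$home" ] || continue
        # -L also catches a dangling symlink named .rhosts.
        if [ -e "$root$home/.rhosts" ] || [ -L "$root$home/.rhosts" ]; then
            printf '%s\n' "$root$home/.rhosts"
            found=1
        fi
    done <<EOF
$homes
EOF
    return "$found"
}
```

Accounts that come from a network directory are not listed in /etc/passwd, so their home directories need to be enumerated separately.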
Fix Text
The files "/etc/hosts.equiv" and "~/.rhosts" (in each user's home directory) list remote hosts and users that are trusted by the local system when using the rshd daemon. To remove these files, run the following command to delete them from any location.
# rm /etc/hosts.equiv
$ rm ~/.rhosts
Additional Identifiers
Rule ID: SV-217860r603264_rule
Vulnerability ID: V-217860
Group Title: SRG-OS-000480
CCIs
Number | Definition |
---|---|
CCI-000072 | The organization ensures that users protect information about remote access mechanisms from unauthorized use and disclosure. |
CCI-000366 | The organization implements the security configuration settings. |
CCI-000382 | The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
CCI-001436 | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |