Navigate

Check: GEN003850

Solaris 10 SPARC STIG: GEN003850 (in versions v2 r4 through v1 r19)

Title

The telnet daemon must not be running. (Cat I impact)

Discussion

The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. Satisfies: SRG-OS-000074, SRG-OS-000520

Check Content

Determine if the telnet daemon is running. # svcs telnet If the telnet service is enabled, this is a finding.

Fix Text

Disable the telnet daemon. # svcadm disable telnet # svcadm refresh inetd

Additional Identifiers

Rule ID: SV-226921r603265_rule

Vulnerability ID: V-226921

Group Title: SRG-OS-000074

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000197	The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
IA-5 (1)	Password-Based Authentication