Check: GEN003850
Solaris 10 X86 STIG:
GEN003850
(in versions v2 r4 through v1 r17)
Title
The telnet daemon must not be running. (Cat I impact)
Discussion
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. Satisfies: SRG-OS-000074, SRG-OS-000520
Check Content
Determine if the telnet daemon is running. # svcs telnet If the telnet service is enabled, this is a finding.
Fix Text
Disable the telnet daemon. # svcadm disable telnet # svcadm refresh inetd
Additional Identifiers
Rule ID: SV-227826r603266_rule
Vulnerability ID: V-227826
Group Title: SRG-OS-000074
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000197 |
The information system, for password-based authentication, transmits only cryptographically-protected passwords. |
Controls
Number | Title |
---|---|
IA-5 (1) |
Password-Based Authentication |