Check: GEN003850
SUSE Linux Enterprise Server v11 for System z STIG:
GEN003850
(in versions v1 r12 through v1 r9)
Title
The telnet daemon must not be running. (Cat I impact)
Discussion
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
Check Content
# chkconfig --list | grep telnet

If an entry is returned and any run level is “on”, telnet is running. If the telnet daemon is running, this is a finding.
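An added example (not part of the STIG text): `grep telnet` also returns entries that are switched off, so this shell function applies the check's rule and reports a finding only when a telnet entry has a run level or xinetd state of "on". The function name `check_telnet` and the sample listings are constructed for illustration, and the listing layout (SysV lines with `N:on`/`N:off` fields, xinetd lines as `name: on`/`off`) is an assumption about the `chkconfig --list` output.

```shell
#!/bin/sh
# Added example: evaluate GEN003850 from `chkconfig --list` output on stdin.
# Prints one line per enabled telnet entry.
# Exit status: 1 = finding (telnet enabled), 0 = not a finding.
check_telnet() {
    awk '
        tolower($0) ~ /telnet/ {
            name = $1
            sub(/:$/, "", name)          # xinetd entries end in a colon
            # SysV entry:   "telnetd 0:off 1:off ... 5:on"
            # xinetd entry: "telnet: on"
            for (i = 2; i <= NF; i++) {
                if ($i == "on" || $i ~ /:on$/) {
                    print "FINDING: " name " is on"
                    bad = 1
                    break
                }
            }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample listings (not captured from a real host).
SAMPLE_ENABLED='sshd                      0:off  1:off  2:off  3:on   4:off  5:on   6:off
xinetd based services:
        chargen:            off
        telnet:             on'

SAMPLE_DISABLED='sshd                      0:off  1:off  2:off  3:on   4:off  5:on   6:off
xinetd based services:
        chargen:            off
        telnet:             off'

# Demonstration on the constructed samples.
# On a real host the equivalent is: chkconfig --list | check_telnet
printf '%s\n' "$SAMPLE_ENABLED"  | check_telnet || echo "GEN003850: finding"
printf '%s\n' "$SAMPLE_DISABLED" | check_telnet && echo "GEN003850: not a finding"
```

The non-zero exit status on a finding lets the function be used directly in a compliance script or scheduled audit job.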
Fix Text
Identify the telnet service running and disable it.

Procedure:

# insserv -r telnetd

If telnet is running as an xinetd service, edit the /etc/xinetd.d file and set “disable = yes” and then restart the xinetd service:

# rcxinetd restart

Disable the telnet server:

# chkconfig telnet off

Verify the telnet daemon is no longer running:

# ps -ef | grep telnet
Additional Identifiers
Rule ID: SV-45809r1_rule
Vulnerability ID: V-24386
Group Title: GEN003850
CCIs
Number | Definition |
---|---|
CCI-000197 | The information system, for password-based authentication, transmits only cryptographically-protected passwords. |
Controls
Number | Title |
---|---|
IA-5 (1) | Password-Based Authentication |