Check: GEN003835
SUSE Linux Enterprise Server v11 for System z STIG:
GEN003835
(in versions v1 r12 through v1 r9)
Title
The rlogind service must not be installed. (Cat II impact)
Discussion
The rlogind process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service.
Check Content
Check if the rsh-server package is installed. Procedure: # rpm -qa | grep rsh-server If a package is found, this is a finding.
Fix Text
Remove the rsh-server package. Procedure: # rpm -e rsh-server # SuSEconfig
Additional Identifiers
Rule ID: SV-45806r1_rule
Vulnerability ID: V-22433
Group Title: GEN003835
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000305 |
The organization develops a list of software programs not authorized to execute on the information system. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |