2.1.5 Set 'no ip identd'

Information

Disable the identification (identd) server.

Rationale:

Identification protocol enables identifying a user's transmission control protocol (TCP) session. This information disclosure could potentially provide an attacker with information about users.

Impact:

To reduce the risk of unauthorized access, organizations should implement a security policy restricting network protocols and explicitly require disabling all insecure or unnecessary protocols such as the identification protocol (identd).

Solution

Disable the ident server.

hostname(config)#no ip identd

Default Value:

Disabled by default

See Also

https://workbench.cisecurity.org/files/3801

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, CSCv7|9.2

Plugin: Cisco

Control ID: ba2f3a65501f9216b74029d996768f5cc773ce84c768966033118d73d07cbefa