AIX7-00-002059 - AIX telnet daemon must not be running.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This telnet service is used to service remote user connections. This is historically the most commonly used remote access method for UNIX servers. The username and passwords are passed over the network in clear text and therefore insecurely. Unless required the telnetd daemon will be disabled. This function, if required, should be facilitated through SSH.

Solution

Disable the 'telnet' entry in '/etc/inetd.conf' using command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'telnet' -p 'tcp6'

Reload the inetd process:
# refresh -s inetd

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R5_STIG.zip

Item Details

References: CAT|I, CCI|CCI-000197, Rule-ID|SV-215258r508663_rule, STIG-ID|AIX7-00-002059, STIG-Legacy|SV-101403, STIG-Legacy|V-91305, Vuln-ID|V-215258

Plugin: Unix

Control ID: ef552134a75229f008e2f5f9f42513b170d5488b72cda49b48320ef3a84f8bc0