STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:SV-204502r603261_rule
V-204502
SRG-OS-000095-GPOS-00049
RHEL-07-021710
CAT I
10
Configure the operating system to disable non-essential capabilities by removing the telnet-server package from the system with the following command:
# yum remove telnet-server
Verify the operating system is configured to disable non-essential capabilities. The most secure way of ensuring a non-essential capability is disabled is to not have the capability installed.
The telnet service provides an unencrypted remote access service that does not provide for the confidentiality and integrity of user passwords or the remote session.
If a privileged user were to log on using this service, the privileged user password could be compromised.
Check to see if the telnet-server package is installed with the following command:
# yum list installed telnet-server
If the telnet-server package is installed, this is a finding.
V-204502
False
RHEL-07-021710
Verify the operating system is configured to disable non-essential capabilities. The most secure way of ensuring a non-essential capability is disabled is to not have the capability installed.
The telnet service provides an unencrypted remote access service that does not provide for the confidentiality and integrity of user passwords or the remote session.
If a privileged user were to log on using this service, the privileged user password could be compromised.
Check to see if the telnet-server package is installed with the following command:
# yum list installed telnet-server
If the telnet-server package is installed, this is a finding.
M
2899