STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-221763r603260_rule
V-221763
SRG-OS-000095-GPOS-00049
OL07-00-021710
CAT I
10
Configure the operating system to disable non-essential capabilities by removing the telnet-server package from the system with the following command:
# yum remove telnet-server
Verify the operating system is configured to disable non-essential capabilities. The most secure way of ensuring a non-essential capability is disabled is not to install the capability.
The telnet service provides an unencrypted remote access service that does not provide for the confidentiality and integrity of user passwords or the remote session.
If a privileged user were to log on using this service, the privileged user password could be compromised.
Check to see if the telnet-server package is installed with the following command:
# yum list installed telnet-server
If the telnet-server package is installed, this is a finding.
V-221763
False
OL07-00-021710
Verify the operating system is configured to disable non-essential capabilities. The most secure way of ensuring a non-essential capability is disabled is not to install the capability.
The telnet service provides an unencrypted remote access service that does not provide for the confidentiality and integrity of user passwords or the remote session.
If a privileged user were to log on using this service, the privileged user password could be compromised.
Check to see if the telnet-server package is installed with the following command:
# yum list installed telnet-server
If the telnet-server package is installed, this is a finding.
M
4089