STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The rlogind service must not be running.

DISA Rule

SV-64019r1_rule

Vulnerability Number

V-22432

Group Title

GEN003830

Rule Version

GEN003830

Severity

CAT II

CCI(s)

• CCI-000068 - The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.

Weight

10

Fix Recommendation

Remove or disable the rlogin configuration and restart xinetd.
# rm /etc/xinetd.d/rlogin ; service xinetd restart

Check Contents

Check the rlogind configuration.
# cat /etc/xinetd.d/rlogin
If the file exists and does not contain "disable = yes" this is a finding.

Vulnerability Number

V-22432

Documentable

False

Rule Version

GEN003830

Severity Override Guidance

Check the rlogind configuration.
# cat /etc/xinetd.d/rlogin
If the file exists and does not contain "disable = yes" this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments