From Oracle Linux 5 Security Technical Implementation Guide
Part of GEN003850
Associated with: CCI-000197
The telnet daemon provides a typically unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised.
The telnet service included in the operating system is a part of krb5-workstation. There are two versions of telnetd server provided. The xinetd.d file ekrb5-telnet allows only connections authenticated through Kerberos. The xinetd.d krb5-telnet allows normal telnet connections as well as kerberized connections. Both are set to "disable = yes" by default. Ensure that neither is running. Procedure: Check if telnetd is running: # ps -ef |grep telnetd If the telnet daemon is running, this is a finding. Check if telnetd is enabled on startup: # chkconfig --list|grep telnet If an entry with "on" is found, this is a finding.
Identify the telnet service running and disable it. Procedure: Disable the telnet server. # chkconfig telnet off Verify the telnet daemon is no longer running. # ps -ef |grep telnet
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer