3.5.3 Remote command lockdown - rsh

Information

Removes all permissions from the remote service commands: rsh, rlogin and rcp.

Rationale:

This effectively disables the following commands, for all users:

/usr/bin/rcp

/usr/bin/rlogin

/usr/bin/rsh

These remote services send usernames and passwords in clear text and should not be used. Unless required these binaries will be disabled for all users. The SSH suite of commands should be utilized to provide equivalent functionality

Solution

Use the chmod command to remove all permissions on the remote services:

chmod ugo= /usr/bin/rcp
chmod ugo= /usr/bin/rlogin
chmod ugo= /usr/bin/rsh

Default Value:

N/A

See Also

https://workbench.cisecurity.org/files/4119

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 19bf621c94b2499568ffccad63a8889be7b3a6315464e2807863b2c223354c18