2.1.5 Set 'no ip identd'

Information

Disable the identification (identd) server.

Rationale:

Identification protocol enables identifying a user's transmission control protocol (TCP) session. This information disclosure could potentially provide an attacker with information about users.

Impact:

To reduce the risk of unauthorized access, organizations should implement a security policy restricting network protocols and explicitly require disabling all insecure or unnecessary protocols such as the identification protocol (identd).

Solution

Disable the ident server.

hostname(config)#no ip identd

Default Value:

Disabled by default

See Also

https://workbench.cisecurity.org/files/3829

Item Details

Category: ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-18, 800-53|SC-23, CSCv7|9.2

Plugin: Cisco

Control ID: dffff78b7f9615681a0ad470e583ee470ecf09f88922caf3d95e9807ddf88385