2.2.21 Ensure talk server is not enabled (Scored)
Profile Applicability
Level 1 - Server Level 1 - Workstation
Description
The talk
software makes it possible for users to send and receive messages across systems through a terminal session. The talk client (allows initiate of talk sessions) is installed by default.
Rationale
The software presents a security risk as it uses unencrypted protocols for communication.
Audit
Run the following command and verify result is not “enabled”:
# systemctl is-enabled ntalk disabled
Remediation
Run the following commands to disable talk
:
# systemctl disable ntalk