Differences
This shows you the differences between two versions of the page.
| — |
centos7:2:3:2 [2017/05/04 15:09] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ======2.3.2 Ensure rsh client is not installed (Scored)====== | ||
| + | =====Profile Applicability===== | ||
| + | <code> | ||
| + | Level 1 - Server | ||
| + | Level 1 - Workstation | ||
| + | </code> | ||
| + | =====Description===== | ||
| + | The ''rsh'' package contains the client commands for the rsh services. | ||
| + | |||
| + | =====Rationale===== | ||
| + | These legacy clients contain numerous security exposures and have been replaced with the more secure SSH package. Even if the server is removed, it is best to ensure the clients are also removed to prevent users from inadvertently attempting to use these commands and therefore exposing their credentials. Note that removing the rsh package removes the clients for ''rsh'', ''rcp'' and ''rlogin''. | ||
| + | |||
| + | =====Audit===== | ||
| + | Run the following commands to verify ''rsh'' is not installed: | ||
| + | <Code:bash> | ||
| + | # rpm -q rsh | ||
| + | package rsh is not installed | ||
| + | </Code> | ||
| + | |||
| + | =====Remediation===== | ||
| + | Run the following command to uninstall ''rsh'': | ||
| + | <Code:bash> | ||
| + | # yum remove rsh | ||
| + | </Code> | ||
| + | |||
| + | =====Impact===== | ||
| + | Many insecure service clients are used as troubleshooting tools and in testing environments. Uninstalling them can inhibit capability to test and troubleshoot. If they are required it is advisable to remove the clients after use to prevent accidental or intentional misuse. | ||
