AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
high	V-215322	SRG-OS-000074-GPOS-00042	AIX7-00-003005	SV-215322r987796_rule	2024-08-16	3

Description
The listed applications permit the transmission of passwords in plain text. Alternative applications such as SSH, which encrypt data, should be use instead.

ℹ️ Check
From the command prompt, execute the following commands: # ls -l /usr/bin/rcp \| awk '{print $1}' # ls -l /usr/bin/rlogin \| awk '{print $1}' # ls -l /usr/bin/rsh \| awk '{print $1}' # ls -l /usr/bin/telnet \| awk '{print $1}' # ls -l /usr/bin/rexec \| awk '{print $1}' Each of the above commands should return with the following permissions: ---------- If the permissions are more permissive, this is a finding.

ℹ️ Check

From the command prompt, execute the following commands: # ls -l /usr/bin/rcp | awk '{print $1}' # ls -l /usr/bin/rlogin | awk '{print $1}' # ls -l /usr/bin/rsh | awk '{print $1}' # ls -l /usr/bin/telnet | awk '{print $1}' # ls -l /usr/bin/rexec | awk '{print $1}' Each of the above commands should return with the following permissions: ---------- If the permissions are more permissive, this is a finding.

✔️ Fix
Use the chmod command to remove all permissions on these commands: # chmod ugo= /usr/bin/rcp # chmod ugo= /usr/bin/rlogin # chmod ugo= /usr/bin/rsh # chmod ugo= /usr/bin/rexec # chmod ugo= /usr/bin/telnet