Access to a domain console via telnet must be restricted to the local host.

An XCCDF Rule

Description

<VulnDiscussion>Telnet is an insecure protocol.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-216348r959010_rule
Severity: Medium
References: CCI-000366
Updated: 18 days ago

The root role is required. This action applies only to the control domain. 

Determine the domain that you are currently securing.

# virtinfo 
Domain role: LDoms control I/O service rootThe current domain is the control domain, which is also an I/O domain, the service domain, and a root I/O domain.

If the current domain is not the control domain, this action does not apply.

Create a password-controlled role that has the solaris.vntsd.consoles authorization, which permits access to all domain consoles.

# roleadd -A solaris.vntsd.consoles [role-name]
# passwd [role-name]

Assign the new role to a user.
# usermod -R [role-name] [username]

Access to a domain console via telnet must be restricted to the local host.

Description

Remediation - Manual Procedure