Access to a domain console via telnet must be restricted to the local host.

An XCCDF Rule

Details
Profiles

Description

Telnet is an insecure protocol.

ID: SV-216348r959010_rule
Version: SOL-11.1-040315
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

The root role is required. This action applies only to the control domain. 

Determine the domain that you are currently securing.

# virtinfo 
Domain role: LDoms control I/O service rootThe current domain is the control domain, which is also an I/O domain, the service domain, and a root I/O domain.

If the current domain is not the control domain, this action does not apply.

Create a password-controlled role that has the solaris.vntsd.consoles authorization, which permits access to all domain consoles.

# roleadd -A solaris.vntsd.consoles [role-name]
# passwd [role-name]

Assign the new role to a user.
# usermod -R [role-name] [username]

Access to a domain console via telnet must be restricted to the local host.

Description

Remediation Templates

A Manual Procedure