Skip to content

Dial-out access from the Hardware Management Console Remote Support Facility (RSF) must be disabled for all classified systems.

An XCCDF Rule

Description

<VulnDiscussion>This feature will not be activated for any classified systems. Allowing dial-out access from the Hardware Management Console could impact the integrity of the environment by enabling the possible introduction of spyware or other malicious code. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Systems Programmer</Responsibility><IAControls>EBRP-1, EBRU-1</IAControls>

ID
SV-30081r2_rule
Severity
High
References
Updated



Remediation - Manual Procedure

Have the Systems Administrator or Systems Programmer validate that dial-out access from the Hardware Management Console is not activated for any classified systems.
Note: This can be accomplished by going to the Customize Remote Service Panel on the Hardware Management Console and verifying that enable remote service is not enabled.