The IBM z/OS UNIX Telnet server warning banner must be properly specified.
An XCCDF Rule
Description
<VulnDiscussion>Display of a standardized and approved use notification before granting access to the publicly accessible operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-223868r604139_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the startup parameters in the inetd.conf file for otelnetd to exclude option -h.
Note: -h indicates that the logon banner should not be displayed.