File: rule.yml

package info (click to toggle)
scap-security-guide 0.1.78-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 114,600 kB
  • sloc: xml: 245,305; sh: 84,381; python: 33,093; makefile: 27
file content (43 lines) | stat: -rw-r--r-- 2,057 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
documentation_complete: true


title: 'Disable rsh Service'

description: |-
    The <tt>rsh</tt> service, which is available with
    the <tt>rsh-server</tt> package and runs as a service through xinetd or separately
    as a systemd socket, should be disabled.
    If using xinetd, set <tt>disable</tt> to <tt>yes</tt> in <tt>/etc/xinetd.d/rsh</tt>.
    {{{ describe_socket_disable(socket="rsh") }}}

rationale: |-
    The rsh service uses unencrypted network communications, which
    means that data from the login session, including passwords and
    all other information transmitted during the session, can be
    stolen by eavesdroppers on the network.

severity: high

identifiers:
    cce@rhel8: CCE-82431-8
    cce@rhel10: CCE-90186-8

references:
    cis-csc: 1,11,12,14,15,16,3,5,8,9
    cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.06,DSS06.10
    cui: 3.1.13,3.4.7
    hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
    isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3
    isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6'
    iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.18.1.4,A.6.2.1,A.6.2.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3
    nist: CM-7(a),CM-7(b),CM-6(a),IA-5(1)(c)
    nist-csf: PR.AC-1,PR.AC-3,PR.AC-6,PR.AC-7,PR.IP-1,PR.PT-3,PR.PT-4

{{{ complete_ocil_entry_socket_and_service_disabled("rsh") }}}

platform: system_with_kernel

template:
    name: service_disabled
    vars:
        servicename: rsh