IBM z/OS UNIX Telnet Server warning banner must be properly specified.
DISA Rule
SV-223642r533198_rule
Vulnerability Number
V-223642
Group Title
SRG-OS-000228-GPOS-00088
Rule Version
ACF2-UT-000040
Severity
CAT II
CCI(s)
- CCI-001388 - The information system, for publicly accessible systems, includes a description of the authorized uses of the system.
- CCI-001384 - The information system, for publicly accessible systems, displays system use information organization-defined conditions before granting further access.
- CCI-001385 - The information system, for publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities.
- CCI-001386 - The information system, for publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities.
- CCI-001387 - The information system, for publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities.
Weight
10
Fix Recommendation
The otelnetd startup command should not include the option "-h", where:
-h indicates that the logon banner should not be displayed.
Check Contents
From the ISPF Command Shell enter:
OMVS
cat inetd.conf
If the otelnet startup command includes option "-h", this is a finding.
Vulnerability Number
V-223642
Documentable
False
Rule Version
ACF2-UT-000040
Severity Override Guidance
From the ISPF Command Shell enter:
OMVS
cat inetd.conf
If the otelnet startup command includes option "-h", this is a finding.
Check Content Reference
M
Target Key
4100
Comments