| VID |
14105 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
Root is a very important account to manage the system. If direct logins with the root account is allowed, the system can be a attacker's goal, so root account's direct access should be managed.
Allowing root account's remote access can provide a better opportunity for the attacker, so root account's remote access should be prohibited.
* Affected platforms:
UNIX, Linux |
| Recommendation |
Follow the steps below to prohibit root's remote access.
*Solaris
1. Open "/etc/default/login"
2. Edit or insert as follows
(Before) #CONSOLE=/dev/console
(After) CONSOLE=/dev/console
*Linux
1. Remove pts/0 ~ pts/x from "/etc/securetty"
2. Edit "/etc/pam.d/login"
(Before) #auth required /lib/security/pam_securetty.so
(After) auth required /lib/security/pam_securetty.so
*AIX
1. Open "/etc/security/user"
2. Edit or insert root's rlogin setting as follows
(Before) rlogin = true
(After) rlogin = false
*HP
1. Open "/etc/securetty"
2. Edit or insert as follows
(Before) #console
(After) console |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
