redhat

Security Vulnerability Remediation – rlogin

Rlogin starts a terminal session on remote hosts. Some security scanners, such as Nessus, report it as a HIGH vulnerability. It is easy to correct: comment out the login entry in the /etc/inetd.conf file.

vi  /etc/inetd.conf

Search for the login entry

/login

Output

login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind

Comment it out

#login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind

Save and close

:wq!
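
The same edit can be scripted for hosts where opening vi by hand is not practical. The script below is an added example, not part of the original procedure; the function names and the sample file are constructed for illustration, and the path of the real file is passed in as an argument.

```sh
#!/bin/sh
# Added example; function names and the sample file are constructed.

# Succeeds if FILE has an uncommented inetd entry whose first field is SERVICE.
inetd_service_active() {
    awk -v svc="$2" '$1 == svc { found = 1 } END { exit found ? 0 : 1 }' "$1"
}

# Comment out every active SERVICE entry in FILE, keeping FILE.bak.
# Idempotent: already-commented lines ("#login ...") are left untouched.
disable_inetd_service() {
    file=$1
    svc=$2
    inetd_service_active "$file" "$svc" || return 0    # nothing to change
    cp -p "$file" "$file.bak" || return 1
    # Rewrite in place (same inode, owner and mode) from the backup copy.
    awk -v svc="$svc" '$1 == svc { print "#" $0; next } { print }' \
        "$file.bak" > "$file" || return 1
    # Fail loudly if an active entry somehow survived the edit.
    ! inetd_service_active "$file" "$svc"
}

# Constructed sample: the login line from above plus one unrelated entry.
sample=$(mktemp)
cat > "$sample" <<'EOF'
daytime stream tcp6    nowait  root    internal
login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind
EOF

disable_inetd_service "$sample" login && echo "login entry commented out"
cat "$sample"
rm -f "$sample" "$sample.bak"
```

inetd reads its configuration at startup and again on SIGHUP, so a running daemon keeps the rlogin listener (TCP port 513) until it reloads the file.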
CentOS 7

How To Disable IPv6 In CentOS 7

CentOS Linux release 7.0.1406 (Core)

Verify CentOS version
cat /etc/centos-release

I’ve discovered bugs in some install packages. One such package is Zimbra. To work around these bugs, IPv6 and associated dependencies need to be disabled.

To disable IPv6 in a CentOS 7 installation, perform the following tasks:

Task 1
Navigate to /etc/modprobe.d/ and create a file inside it.
(The name of the file can be anything; I chose “disable-ipv6”)
cd /etc/modprobe.d/
nano disable-ipv6
Add this line
install ipv6 /bin/true
Press “Ctrl+X” to exit
Select “Y” to save changes
Press “Enter” to get back to the command line

Task 2
Comment Out Hosts Entry
nano /etc/hosts
By default, this is what’s present:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Comment out
#::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Press “Ctrl+X” to exit
Select “Y” to save changes
Press “Enter” to get back to the command line

Task 3
Reboot the system to complete the process. It is required.