redhat

Security Vulnerability Remediation – rlogin

Rlogin starts a terminal session on remote hosts. Some security scanners, such as Nessus, report it as a HIGH vulnerability. It is easy to correct: comment out the login entry in the /etc/inetd.conf file.

vi  /etc/inetd.conf

Search for the login entry

/login

Output

login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind

Comment it out

#login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind

Save and close

:wq!
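
The same edit done non-interactively, as an added example that is not part of the original post. It goes beyond the login entry to the other r-services names from /etc/services (shell for rshd, exec for rexecd); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example. Service names per /etc/services:
# exec=512/tcp (rexecd), login=513/tcp (rlogind), shell=514/tcp (rshd).

# Print every active (uncommented) exec/login/shell entry in file $1.
active_rservices() {
    grep -E '^[[:space:]]*(exec|login|shell)[[:space:]]' "$1" || true
}

# Comment out active r-services entries in file $1.
# Keeps the first backup as $1.bak; safe to run repeatedly.
disable_rservices() {
    f=$1
    [ -e "$f.bak" ] || cp -p "$f" "$f.bak" || return 1
    sed -e 's/^[[:space:]]*exec[[:space:]]/#&/' \
        -e 's/^[[:space:]]*login[[:space:]]/#&/' \
        -e 's/^[[:space:]]*shell[[:space:]]/#&/' "$f" > "$f.new" || return 1
    # Write back through cat so the file keeps its owner and mode.
    cat "$f.new" > "$f" && rm -f "$f.new" || return 1
    # Succeed only if no active entry is left.
    [ -z "$(active_rservices "$f")" ]
}

# Constructed sample, so the demo never touches the real /etc/inetd.conf.
make_sample_conf() {
    s=$(mktemp) || return 1
    cat > "$s" <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd          ftpd
login  stream  tcp6    nowait  root    /usr/sbin/rlogind       rlogind
shell   stream  tcp6    nowait  root    /usr/sbin/rshd          rshd
#exec   stream  tcp6    nowait  root    /usr/sbin/rexecd        rexecd
EOF
    echo "$s"
}

demo=$(make_sample_conf)
echo "Active before:"; active_rservices "$demo"
disable_rservices "$demo" && echo "Active after: none"
rm -f "$demo" "$demo.bak"
```

inetd re-reads its configuration only when it receives SIGHUP or is restarted, so the rlogind listener remains until then.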

Open LDAP Server TCP Ports on Linux 6.5

What ports should be open in iptables to allow LDAP traffic on your Linux server?

Ports 389 and 636

There are a couple of ways of doing this.

1. Install nano

yum install nano

2. Edit iptables

nano /etc/sysconfig/iptables

3. These rules work in CentOS version 6.5

-A INPUT -p tcp -m tcp --dport 389 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 636 -j ACCEPT

4. Press Ctrl+X to exit, “Y” to save, and Enter

5. Start or restart iptables depending on its current state

service iptables start

Or

service iptables restart