The IBM z/OS UNIX Telnet server warning banner must be properly specified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223868 | RACF-UT-000050 | SV-223868r958586_rule | CCI-001384 | medium |
| Description | ||||
| Display of a standardized and approved use notification before granting access to the publicly accessible operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | ||||
| STIG | Date | |||
| IBM z/OS RACF Security Technical Implementation Guide | 2025-06-24 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-8
1.00
- DISA · 9 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.9
1.00
- DISA · 9 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001384
1.00
- DISA · 9 · disa_xccdf · related
Details
Check Text (C-223868r958586_chk)
From the ISPF Command Shell enter:
ISHELL
Enter /etc/ for a pathname - you may need to issue a CD /etc/
select FILE NAME inetd.conf
If Option -h is included on the otelnetd command, this is a finding.
Fix Text (F-25529r515293_fix)
Configure the startup parameters in the inetd.conf file for otelnetd to exclude option -h.
Note: -h indicates that the logon banner should not be displayed.