The IBM z/OS UNIX Telnet server warning banner must be properly specified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-224103 | TSS0-UT-000050 | SV-224103r958586_rule | CCI-001384 | medium |
| Description | ||||
| Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist. | ||||
| STIG | Date | |||
| IBM z/OS TSS Security Technical Implementation Guide | 2025-06-24 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-8
1.00
- DISA · 9 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.9
1.00
- DISA · 9 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001384
1.00
- DISA · 9 · disa_xccdf · related
Details
Check Text (C-224103r958586_chk)
From the ISPF Command Shell enter:
OMVS
cat inetd.conf
If the otelnet startup command includes option "-h" this is a finding.
Fix Text (F-25764r516709_fix)
The otelnetd startup command should not include the option "-h", where:
-h indicates that the logon banner should not be displayed.