oval:mil.disa.fso.hpux11:def:323

compliance
unix

Kerberos authentication for SSH is often implemented using GSSAPI. If Kerberos is enabled through SSH, the SSH daemon provides a means of access to the system's Kerberos implementation. Vulnerabilities in the system's Kerberos implementation may then be subject to exploitation. To reduce the attack surface of the system, the Kerberos authentication mechanism within SSH must be disabled for systems not using this capability.

PlatformSourceComponent
HPUX 11-31STIG
  • HP-UX 11.31 Security Technical Implementation Guide
    • 1. I - Mission Critical Classified
    • 2. I - Mission Critical Public
    • 3. I - Mission Critical Sensitive
    • 4. II - Mission Support Classified
    • 5. II - Mission Support Public
    • 6. II - Mission Support Sensitive
    • 7. III - Administrative Classified
    • 8. III - Administrative Public
    • 9. III - Administrative Sensitive

Cyberisc is a full featured, FREE, compliance and vulnerability scanner that makes it easy to enforce industry standard security configurations across your infrastructure in minutes. Automate your compliance and vulnerability scans and increase your visibility of insecure systems. Harden your infrastructure by patching and configuring your systems with industry standard security configurations. Audit all your systems and meet government & industry regulations.