Nipper and Cisco Security Audit

I am using Nipper for verifying my Cisco configuration. Nipper is finding the "rlogin" service that is not in the configuration. I have searched the access lists and do not see it anywhere. The explanation by Nipper about this finding, "....Telnet protocol implemented by this service...." is confusing. Here is the Nipper's output:

______________________________ Rlogin Service Settings

The Rlogin service enables remote administrative access to a CLI on Cisco Router Devices. The Telnet protocol implemented by the service is simple and provides no encryption of the network communications between client and the server. This section details the Rlogin settings.

Description Setting Rlogin Service Enabled Service TCP Port 513 ______________________________

I have checked a few other routers where SSH was not enabled with the same results.

Can someone explain why Nipper is saying "Rlogin is enabled" when I do not see it in the configuration file? Is there something else that I need to be looking at? Why is Nipper saying "...Telnet protocol implemented by the service...."?

Thank you in advance for any help.


Reply to
Neil Jones
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.