Nipper and Cisco Security Audit

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

I am using Nipper for verifying my Cisco configuration.  Nipper is
finding the "rlogin" service that is not in the configuration.  I have
searched the access lists and do not see it anywhere.  The explanation
by Nipper about this finding, "....Telnet protocol implemented by this
service...." is confusing.  Here is the Nipper's output:

Rlogin Service Settings

The Rlogin service enables remote administrative access to a CLI on
Cisco Router Devices.  The Telnet protocol implemented by the service is
simple and provides no encryption of the network communications between
client and the server.  This section details the Rlogin settings.

Description            Setting
Rlogin Service            Enabled
Service TCP Port        513

I have checked a few other routers where SSH was not enabled with the
same results.

Can someone explain why Nipper is saying "Rlogin is enabled" when I do
not see it in the configuration file?  Is there something else that I
need to be looking at?  Why is Nipper saying "...Telnet protocol
implemented by the service...."?

Thank you in advance for any help.


Site Timeline