Rlogin Default passwords
------------------------

CVE Number: 
CAN-1999-0501, CAN-1999-0502
CAN-1999-0503, CAN-1999-0504

Details:
An account with a default, or easily guessable password was accessible using
the Rlogin service.

Fix:
Disable or restrict the accessibility of the Rlogin service.
Remove unused accounts and accounts with default passwords.
Impose a password change policy to include quality, reuse prevention,
expiration and replacement frequency.
Replace reusable passwords with stronger authentication technology such
as hardware tokens or one time passwords.

Related URLs:
http://www.sans.org/topten.htm#8

$Id: rlogin,v 1.1 2000/11/06 15:34:25 loveless Exp $
