
Ruser
This check searches for users on the remote host. It provides information on
how busy the machine is and on login accounts an intruder can use in an attack.
Obtained account information is used by the scanner in a brute-force default
attack.
Risk: Low
Fix: When the system is vulnerable to such an intrusion, you can disable the
server. Place a # at the beginning of the appropriate line in the file
/etc/inetd.conf, and then send the SIGHUP signal to the inetd process. For example, a
disabled rusers entry might appear as: