2.2 Only enable telnet if absolutely necessary - Uncomment service telnet in /etc/inet/inetd.conf

Information

Telnet uses an unencrypted network protocol, which means data from the login session (such as passwords and all other data transmitted during the session) can be stolen by eavesdroppers on the network, and also that the session can be hijacked by outsiders to gain access to the remote system. The freely-available SSH utilities (see http://www.openssh.com/) provide encrypted network logins and should be used instead.

See Also

https://workbench.cisecurity.org/files/633

Item Details

Audit Name: CIS Solaris 9 v1.3

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|9.1

Plugin: Unix

Control ID: 32b458c6a4a372468a984ac7e7880e8cdc6014e70b39cdc078c82aec809db9ae