5.1.6 Ensure telnet server is not enabled

Information

The telnet-server package contains the telnet daemon, which accepts connections from
users from other systems via the telnet protocol.

*Rationale*

The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission
medium could allow a user with access to sniff network traffic the ability to steal
credentials. The ssh package provides an encrypted session and stronger security.

Solution

Remove or comment out any telnet lines in /etc/inetd.conf-#telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd

See Also

https://workbench.cisecurity.org/files/91

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|9.1

Plugin: Unix

Control ID: d40c17443a0ef3223d3019795bdb63524157db56de1f8679d456406afe389bab