2.1.8 Ensure telnet server is not enabled - 'telnet'

Information

The telnet-server package contains the telnet daemon, which accepts connections from users from other systems via the telnet protocol. The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ssh package provides an encrypted session and stronger security.

Solution

Comment out or remove any lines starting with telnet from /etc/inetd.conf and /etc/inetd.d/*. Set disable = yes on all telnet services in /etc/xinetd.conf and /etc/xinetd.d/*.

See Also

https://workbench.cisecurity.org/files/1866

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|3.4

Plugin: Unix

Control ID: 04cdb3e6cd11213c236c63aa266c3100756538c104acbdfcfb2bddf8d3710b17