Telnet Service Detection

info Nessus Plugin ID 10280
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

Telnet service appears to be running on the remote system.

Description

The Telnet service is running. This service is dangerous in the sense that it is not ciphered - that is, everyone can sniff the data that passes between the telnet client and the telnet server. This includes logins and passwords.

Solution

If you are running a Unix-type system, OpenSSH can be used instead of telnet. For Unix systems, you can comment out the 'telnet' line in /etc/inetd.conf. For Unix systems which use xinetd, you will need to modify the telnet services file in the /etc/xinetd.d folder. After making any changes to xinetd or inetd configuration files, you must restart the service in order for the changes to take affect.

In addition, many different router and switch manufacturers support SSH as a telnet replacement. You should contact your vendor for a solution which uses an encrypted session.

Plugin Details

Severity: Info

ID: 10280

File Name: telnet.nasl

Version: 1.45

Type: remote

Published: 8/22/1999

Updated: 9/22/2020

Dependencies: find_service1.nasl

Vulnerability Information

Reference Information

IAVA: 0001-A-0630