====== 2.1.8 Ensure telnet server is not enabled (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server 
Level 1 - Workstation
</code>

=====Description=====
The ''telnet-server'' package contains the ''telnet'' daemon, which accepts connections from users from other systems via the ''telnet'' protocol.

=====Rationale=====
The ''telnet'' protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ''ssh'' package provides an encrypted session and stronger security.

=====Audit===== 
Verify the ''telnet'' service is not enabled. Run the following commands and verify results are as indicated:
<Code:bash>
grep -R "^telnet" /etc/inetd.*
</Code>
No results should be returned \\ \\
check ''/etc/xinetd.conf'' and ''/etc/xinetd.d/*'' and verify all ''telnet'' services have ''disable = yes'' set.

=====Remediation===== 
Comment out or remove any lines starting with ''telnet'' from ''/etc/inetd.conf'' and ''/etc/inetd.d/*''.\\
Set ''disable = yes'' on all ''telnet'' services in ''/etc/xinetd.conf'' and ''/etc/xinetd.d/*''.