2.2.18 Ensure telnet server is not enabled (Scored)
Profile Applicability
Level 1 - Server Level 1 - Workstation
Description
The telnet-server
package contains the telnet
daemon, which accepts connections from users from other systems via the telnet
protocol.
Rationale
The telnet
protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ssh
package provides an encrypted session and stronger security.
Audit
Run the following command and verify result is not “enabled”:
# systemctl is-enabled telnet.socket disabled
Remediation
Run the following commands to disable telnet
:
# systemctl disable telnet.socket