This shows you the differences between two versions of the page.

Link to this comparison view

centos7:2:2:18 [2017/05/04 14:57] (current)
Line 1: Line 1:
 +======2.2.18 Ensure telnet server is not enabled (Scored)======
 +=====Profile Applicability=====  ​
 +Level 1 - Server
 +Level 1 - Workstation ​
 +The ''​telnet-server''​ package contains the ''​telnet''​ daemon, which accepts connections from users from other systems via the ''​telnet''​ protocol.
 +The ''​telnet''​ protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ''​ssh''​ package provides an encrypted session and stronger security.
 +=====Audit===== ​
 +Run the following command and verify result is not "​enabled":​
 +# systemctl is-enabled telnet.socket
 +=====Remediation===== ​
 +Run the following commands to disable ''​telnet'':​
 +# systemctl disable telnet.socket