2.1.8 Ensure telnet server is not enabled (Scored)

Level 1 - Server 
Level 1 - Workstation

The telnet-server package contains the telnet daemon, which accepts connections from users from other systems via the telnet protocol.

The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ssh package provides an encrypted session and stronger security.

Verify the telnet service is not enabled. Run the following commands and verify results are as indicated:

grep -R "^telnet" /etc/inetd.*

No results should be returned

check /etc/xinetd.conf and /etc/xinetd.d/* and verify all telnet services have disable = yes set.

Comment out or remove any lines starting with telnet from /etc/inetd.conf and /etc/inetd.d/*.
Set disable = yes on all telnet services in /etc/xinetd.conf and /etc/xinetd.d/*.

  • ubuntu1604/2/1/8.txt
  • Last modified: 2017/05/02 10:27
  • by Piotr K┼éoczewski