Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== 2.1.8 Ensure telnet server is not enabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The ''telnet-server'' package contains the ''telnet'' daemon, which accepts connections from users from other systems via the ''telnet'' protocol. =====Rationale===== The ''telnet'' protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ''ssh'' package provides an encrypted session and stronger security. =====Audit===== Verify the ''telnet'' service is not enabled. Run the following commands and verify results are as indicated: <Code:bash> grep -R "^telnet" /etc/inetd.* </Code> No results should be returned \\ \\ check ''/etc/xinetd.conf'' and ''/etc/xinetd.d/*'' and verify all ''telnet'' services have ''disable = yes'' set. =====Remediation===== Comment out or remove any lines starting with ''telnet'' from ''/etc/inetd.conf'' and ''/etc/inetd.d/*''.\\ Set ''disable = yes'' on all ''telnet'' services in ''/etc/xinetd.conf'' and ''/etc/xinetd.d/*''. ubuntu1604/2/1/8.txt Last modified: 2017/05/02 10:27by Piotr Kłoczewski