Telnet is a legacy protocol that allows you to connect to remote hosts over a TCP/IP network, such as the internet. The Telnet session between the client and the server is not encrypted. Anyone with access to the TCP/IP packet flow between the communicating hosts can reconstruct the data that flows between the endpoints and read the messages, including the usernames and passwords that are used to log in to the remote machine. Fixing this misconfiguration will disable Telnet service in your network endpoints.
Severity
important
Category
Linux - Insecure Services
Resolution
Follow the below steps to resolve the misconfiguration.
Comment out or remove any lines starting with telnet from /etc/inetd.conf and
/etc/inetd.d/* .
Set disable = yes on all telnet services in /etc/xinetd.conf and /etc/xinetd.d/* .
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations. Legacy protocols are present to support operations of legacy applications and services. Disabling them would cause those applications to stop functioning.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.