5.27 Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed'

Information

Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers.

The recommended state for this setting is: Disabled or Not Installed.

Note: This service is not installed by default. It is supplied with Windows, but is installed by enabling an optional Windows feature (Telnet Server).

Rationale:

Hosting a Telnet server (especially a non-secure Telnet server) from a workstation is an increased security risk, as the attack surface of that workstation is then greatly increased.

Note: This security concern applies to any Telnet server application installed on a workstation, not just the one supplied with Windows.

Solution

To establish the recommended configuration via GP, set the following UI path to: Disabled or ensure the service is not installed.

Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Telnet

Impact:

Remote user Telnet access will not be available.

Default Value:

Not Installed (Disabled when installed)

See Also

https://workbench.cisecurity.org/files/2700

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b.

Plugin: Windows

Control ID: 462e3829e1c055ff9e4f06cb1215a6f5cd63ccd3a1921acc313d421df7b7f2d2