2.12 Disable Telnet Service

Information

The telnet daemon, which accepts connections from users from other systems via the telnet protocol and can be used for remote shell access.

Rationale:

The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow a user with access to sniff network traffic the ability to steal credentials. The ssh protocol provides an encrypted session and stronger security.

Solution

To disable this service, run the following command:

# svcadm disable svc:/network/telnet

See Also

https://workbench.cisecurity.org/benchmarks/4777

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.2

Plugin: Unix

Control ID: 2c7f40c30ecb4e590a9ad954ea6ee8b2eeabfcb5ee285c8c9c6467f6ca4c6260