iCompaas Support

Profile Applicability:
 • Level 1

Description:
Telnet server services provide remote terminal access without encryption. If not required, these services should be disabled to prevent transmission of sensitive data in clear text and reduce security risks.

Rationale:
 Disabling unused Telnet services minimizes the attack surface by preventing unencrypted remote access that can be intercepted or exploited.

Impact:
Pros:

• Reduces risk of credential interception and unauthorized access.
  

• Encourages use of secure alternatives like SSH.
  

Cons:

• Disabling Telnet may disrupt legacy systems relying on it.
  

Default Value:
 Telnet services may be enabled or running by default on some systems.

Pre-requisites:

• Root or sudo privileges to manage system services.
  

Remediation:

Test Plan:

Using Linux command line:

1. Check if Telnet service is enabled:

systemctl is-enabled telnet.socket  
systemctl is-enabled telnet

2. Check if Telnet service is running:

systemctl status telnet.socket  
systemctl status telnet

Implementation Plan:

Using Linux command line:

1. Disable Telnet services:

systemctl disable telnet.socket  
systemctl disable telnet

2. Stop running Telnet services:

systemctl stop telnet.socket  
systemctl stop telnet

3. Verify services are disabled and stopped:

systemctl is-enabled telnet.socket  
systemctl is-enabled telnet  
systemctl status telnet.socket  
systemctl status telnet

Backout Plan:

Using Linux command line:

1. Enable and start Telnet services if required:

systemctl enable telnet.socket  
systemctl start telnet.socket  
systemctl enable telnet  
systemctl start telnet

2. Verify service status.

References:

• CIS Amazon Linux 2 Benchmark v3.0.0
  

• Systemd Service Management