 |
|
|
Family: Useless services --> Category: infos
Telnet Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of Telnet
Detailed Explanation for this Vulnerability Test
The Telnet service is running.
This service is dangerous in the sense that it is not ciphered - that is,
everyone can sniff the data that passes between the telnet client
and the telnet server. This includes logins and passwords.
Solution:
If you are running a Unix-type system, OpenSSH can be used instead of telnet.
For Unix systems, you can comment out the 'telnet' line in /etc/inetd.conf.
For Unix systems which use xinetd, you will need to modify the telnet services
file in the /etc/xinetd.d folder. After making any changes to xinetd or
inetd configuration files, you must restart the service in order for the
changes to take affect.
In addition, many different router and switch manufacturers support SSH as a
telnet replacement. You should contact your vendor for a solution which uses
an encrypted session.
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|
|
|
|
|
