UCF STIG Viewer Logo

The firewall must not be listening for telnet service.


Overview

Finding ID Version Rule ID IA Controls Severity
V-72881 NET0378 SV-87533r1_rule Medium
Description
Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as the internet. With telnet enabled on the firewall, an attacker may be able to send spoofed packets through the firewall and consume the firewall’s memory, causing a denial of service on the device. Telnet service is vulnerable to many exploits which can compromise the network device if enabled.
STIG Date
Firewall Security Technical Implementation Guide 2017-12-07

Details

Check Text ( C-73015r1_chk )
Have the firewall admin verify telnet is not enabled on the firewall and is not listening on port 23.

If telnet is enabled on the firewall or the firewall is listening on port 23, this is a finding.
Fix Text (F-79323r1_fix)
Disable telnet and verify the firewall is not listening to port 23.