Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-72879 | NET0378 | SV-87531r1_rule | Medium |
Description |
---|
Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as the internet. With telnet enabled on the firewall, an attacker may be able to send spoofed packets through the firewall and consume the firewall’s memory, causing a denial of service on the device. Telnet service is vulnerable to many exploits which can compromise the network device if enabled. |
STIG | Date |
---|---|
Firewall Security Technical Implementation Guide - Cisco | 2017-07-12 |
Check Text ( C-73013r1_chk ) |
---|
Have the firewall admin enter the following command to verify if the firewall is listening to telnet port 23 or 1467: show asp table socket ciscoasa# show asp table socket Protocol Socket State Local Address Foreign Address TCP 0000f668 LISTEN 2.0.0.1:23 0.0.0.0:* If the firewall is listening to telnet port 23 or 1467, this is a finding. |
Fix Text (F-79321r1_fix) |
---|
Disable telnet and verify the firewall is not listening to port 23 or 1467 as shown in the following example: no telnet 2.0.0.2 255.255.255.255 inside ciscoasa# show asp table socket Protocol Socket State Local Address Foreign Address ciscoasa# |