Check: NET0378
Network - Firewall:
NET0378
(in versions v8 r25 through v8 r21)
Title
The firewall must not be listening for telnet service. (Cat II impact)
Discussion
Telnet is an unencrypted service that can be easily exploited, especially when used over a public network such as the internet. With telnet enabled on the firewall, an attacker may be able to send spoofed packets through the firewall and consume the firewall’s memory, causing a denial of service on the device. The telnet service is vulnerable to many exploits that can compromise the network device if it is enabled.
Check Content
Have the firewall admin verify telnet is not enabled on the firewall and is not listening on port 23. If telnet is enabled on the firewall or the firewall is listening on port 23, this is a finding.
Fix Text
Disable telnet and verify the firewall is not listening on port 23.
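One way to automate the port 23 part of the check, as an added example that is not part of the original check text. It assumes a Linux-based firewall where `ss -H -ltn` is available; the sample output and all function names are constructed for illustration.

```python
"""Flag a NET0378 finding from listening-socket output (added example)."""

TELNET_PORT = 23

# Constructed sample of `ss -H -ltn` output; not captured from a real device.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 192.0.2.1:2323 0.0.0.0:*
LISTEN 0 10 [::]:23 [::]:*
LISTEN 0 128 127.0.0.1%lo:230 0.0.0.0:*
"""


def local_port(line):
    """Return the local port of one `ss -H -ltn` line, or None if unparsable."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "LISTEN":
        return None
    # The port is whatever follows the last colon, which handles
    # 0.0.0.0:23, *:23, [::]:23 and addr%iface:23 alike.
    _, _, port = fields[3].rpartition(":")
    return int(port) if port.isdigit() else None


def telnet_listeners(ss_output, port=TELNET_PORT):
    """Return the local address:port strings listening on exactly `port`."""
    hits = []
    for line in ss_output.splitlines():
        # Compare parsed integers so 2323 or 230 never match 23.
        if local_port(line) == port:
            hits.append(line.split()[3])
    return hits


def is_finding(ss_output):
    """NET0378 is a finding if anything listens on TCP port 23."""
    return bool(telnet_listeners(ss_output))


if __name__ == "__main__":
    for addr in telnet_listeners(SAMPLE_SS_OUTPUT):
        print(f"FINDING NET0378: listener on {addr}")
    print("finding" if is_finding(SAMPLE_SS_OUTPUT) else "not a finding")
```

This covers only the listener on port 23; whether the telnet service is enabled in the device configuration still has to be confirmed by the firewall admin.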
Additional Identifiers
Rule ID:
Vulnerability ID: V-72881
Group Title:
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |