Navigate

Check: WINSV-000105

Windows 2008 Domain Controller STIG: WINSV-000105 (in versions v6 r47 through v6 r35)

Title

The Telnet service must be disabled if installed. (Cat II impact)

Discussion

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.

Check Content

Run "Services.msc". If the "Telnet" service (Service name: TlntSvr) is installed and not disabled, this is a finding.

Fix Text

Remove or disable the "Telnet" service (Service name: TlntSvr). To remove the "Telnet" service from a system: Start "Server Manager" Select "Features" in the left pane. Under "Features Summary" in the right pane, select "Remove Features". On the "Features" screen, de-select "Telnet Server". Click "Next" and "Remove".

Additional Identifiers

Rule ID: SV-83315r1_rule

Vulnerability ID: V-26606

Group Title: Telnet Service Disabled

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000382	Configure the system to prohibit or restrict the use of organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality