Remove telnet Clients

An XCCDF Rule

Description

The telnet client allows users to start connections to other systems via the telnet protocol.

Rationale

The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow an unauthorized user to steal credentials. The ssh package provides an encrypted session and stronger security and is included in Red Hat Enterprise Linux 8.

ID: xccdf_org.ssgproject.content_rule_package_telnet_removed
Severity: Low
References: 3.1.13

164.308(a)(4)(i) 164.308(b)(1) 164.308(b)(3) 164.310(b) 164.312(e)(1) 164.312(e)(2)(ii)

A.13.1.1 A.13.2.1 A.13.2.3 A.14.1.2 A.14.1.3 A.8.2.3

2.2 2.2.4

2.3.4

CCE-80849-3

R62
Updated: over 1 year ago

Remediation Templates

include remove_telnet
class remove_telnet {
  package { 'telnet':
    ensure => 'purged',
  }
}

- name: Ensure telnet is removed
  package:
    name: telnet
    state: absent
  tags:
  - CCE-80849-3  - NIST-800-171-3.1.13
  - PCI-DSSv4-2.2
  - PCI-DSSv4-2.2.4
  - disable_strategy
  - low_complexity
  - low_disruption
  - low_severity
  - no_reboot_needed
  - package_telnet_removed

package remove telnet

dnf remove telnet

package --remove=telnet

# CAUTION: This remediation script will remove telnet
#	   from the system, and may remove any packages
#	   that depend on telnet. Execute this
#	   remediation AFTER testing on a non-production
#	   system!
if rpm -q --quiet "telnet" ; then
yum remove -y "telnet"
fi

Remove telnet Clients

Description

Rationale

Remediation Templates

A Puppet Snippet

An Ansible Snippet

script:kickstart

script:bootc

Anaconda Pre-Install Instructions

A Shell Script