- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
The telnet client allows users to start connections to other systems via the telnet protocol.
The telnet
protocol is insecure and unencrypted. The use
of an unencrypted transmission medium could allow an unauthorized user
to steal credentials. The ssh
package provides an
encrypted session and stronger security and is included in Ubuntu 20.04.
The following script can be run on the host to remediate the issue.
#!/bin/bash
# CAUTION: This remediation script will remove telnet
# from the system, and may remove any packages
# that depend on telnet. Execute this
# remediation AFTER testing on a non-production
# system!
DEBIAN_FRONTEND=noninteractive apt-get remove -y "telnet"
The following playbook can be run with Ansible to remediate the issue.
- name: Ensure telnet is removed
package:
name: telnet
state: absent
tags:
- NIST-800-171-3.1.13
- PCI-DSSv4-2.2.4
- disable_strategy
- low_complexity
- low_disruption
- low_severity
- no_reboot_needed
- package_telnet_removed