Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

cis-2-3-4.yml 1.1KB

12345678910111213141516171819202122232425262728293031323334353637383940
  1. # 2.3.4 Ensure telnet client is not installed
  2. #
  3. # Description
  4. # ===========
  5. # The telnet package contains the telnet client, which allows users to start
  6. # connections to other systems via the telnet protocol.
  7. #
  8. # Rationale
  9. # =========
  10. # The telnet protocol is insecure and unencrypted. The use of an unencrypted
  11. # transmission medium could allow an unauthorized user to steal credentials.
  12. # The ssh package provides an encrypted session and stronger security and is
  13. # included in most Linux distributions.
  14. #
  15. # Audit
  16. # =====
  17. # Run the following command and verify telnet is not installed:
  18. #
  19. # # dpkg -s telnet
  20. #
  21. # Remediation
  22. # ===========
  23. # Run the following command to uninstall telnet :
  24. #
  25. # # apt-get remove telnet
  26. #
  27. # Impact
  28. # ======
  29. # Many insecure service clients are used as troubleshooting tools and in
  30. # testing environments. Uninstalling them can inhibit capability to test and
  31. # troubleshoot. If they are required it is advisable to remove the clients
  32. # after use to prevent accidental or intentional misuse.
  33. #
  34. parameters:
  35. linux:
  36. system:
  37. package:
  38. telnet:
  39. version: removed