# 2.3.4 Ensure telnet client is not installed
#
# Description
# ===========
# The telnet package contains the telnet client, which allows users to start
# connections to other systems via the telnet protocol.
#
# Rationale
# =========
# The telnet protocol is insecure and unencrypted. The use of an unencrypted
# transmission medium could allow an unauthorized user to steal credentials.
# The ssh package provides an encrypted session and stronger security and is
# included in most Linux distributions.
#
# Audit
# =====
# Run the following command and verify telnet is not installed:
#
#   # dpkg -s telnet
#
# Remediation
# ===========
# Run the following command to uninstall telnet :
#
#   # apt-get remove telnet
#
# Impact
# ======
# Many insecure service clients are used as troubleshooting tools and in
# testing environments. Uninstalling them can inhibit capability to test and
# troubleshoot. If they are required it is advisable to remove the clients
# after use to prevent accidental or intentional misuse.
#
parameters:
  linux:
    system:
      package:
        telnet:
          version: removed