[NCLUG] Close Your Telnet Port

[Michael Dwyer]

http://www.cert.org/advisories/CA-2001-21.html

If you haven't already, shut down your telnet daemon.
The telnetd in the linux netkit is believed to be
vulnerable.   For what it is worth, my network was
scanned for this vulnerability by a host in Uruguay
two days ago.

For a standard inetd:
 o edit /etc/inetd.conf
 o find the line that starts with "telnet"
 o make sure that line is commented out (has a # as
   the first character in the line)
 o save your changes
 o type "killall -HUP inetd"

If you cannot find an inetd.conf file, your distro
may use xinetd.  Hopefully someone can provide help
on that.  I /believe/ you need only find the block
that references telnet and comment it out.

Keep an eye out for vendor patches soon!

Silly way to see if you may be vulnerable:

   telnet localhost

if you see a login banner, your telnetd is running.

You may also be able to limit exposure using ipchains
or iptables or a border router.