Telnet is an unsecured network protocol that facilitates remote login to a server via network connection. The protocol allows server to be located thousands of miles away from the administrator yet still can be managed even without physical console access. However, Telnet has slowly replaced with SSH (Secure Shell) protocol due to security risks as the data transmission packet, including login username and password for Telnet is unencrypted, allowing hackers or crackers to easily sniff and obtain these information easily.
So it’s a good practice to disable Telnet service on server, especially web server which reachable from Internet, and replaced with SSH. For web servers that are subscribed from some web hosting providers has Telnet disabled by default. Webmasters or system administrators can verify if the Telnet service is turned on or off. If it’s still running, the following guide will provide steps to disable and turn off Telnet service. Telnet server listens for incoming messages on port 23, and sends outgoing messages to port 23.
How to Disable Telnet
- SSH into server and login as root.
- At shell command prompt type the following command and press Enter. This example use pico to edit text file, you can use vi or other text editor if you want.
pico -w /etc/xinetd.d/telnet
- Locate the following line:
disable = no
Change the “disable = no” to “disable = yes” (no to yes).
- Save and exit.
- Restart the inetd service by using the following command:
/etc/rc.d/init.d/xinetd restart
- Turn off Telnet through chkconfig as well because it can still start through that:
/sbin/chkconfig telnet off