Details

Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as the internet. With telnet enabled on the firewall, an attacker may be able to send spoofed packets through the firewall and consume the firewall’s memory, causing a denial of service on the device. Telnet service is vulnerable to many exploits which can compromise the network device if enabled.

Solution

Disable telnet and verify the firewall is not listening to port 23 or 1467 as shown in the following example:

no telnet 2.0.0.2 255.255.255.255 inside

ciscoasa# show asp table socket

Protocol Socket State Local Address Foreign Address

ciscoasa#

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_Network_Firewall_V8R25_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Cisco.

References

• 800-53|CM-7b.
• CAT|II
• CSCv6|9.1
• Rule-ID|SV-87533r1_rule
• STIG-ID|NET0378
• Vuln-ID|V-72881

Source

• Tenable.com/audits