Telnet is enabled on the device-juniper-junos
Vendor: juniper
OS: junos
Description:
Indeni will check if a device has Telnet enabled. Telnet is not encrypted and is therefore a security risk.
Remediation Steps:
Disable Telnet on the device.
junos-show-configuration-system-services
name: junos-show-configuration-system-services
description: Identify whether telnet and http services are enabled
type: monitoring
monitoring_interval: 10 minute
requires:
vendor: juniper
os.name: junos
comments:
telnet-enabled:
why: |
Telnet is an unsecure protocol and should not be used. Users may enable telnet unintentionally and should be alerted if they do so.
how: |
If "telnet" and "http" are enabled on the device, it is recommanded to disable them and enable "ssh" and "https" instead to remediate the security risks.
can-with-snmp: false
can-with-syslog: false
http-server-enabled:
why: |
The system services "telnet" and "http" are not recommanded to enable on the device for security reasons.
how: |
If "telnet" and "http" are enabled on the device, it is recommanded to disable them and enable "ssh" and "https" instead to remediate the security risks.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: show configuration system services | display set
parse:
type: AWK
file: show-configuration-system-services.parser.1.awk
cross_vendor_telnet_enabled
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_telnet_enabled.scala