From Firewall Security Technical Implementation Guide - Cisco
Part of Firewall is listening for telnet service - Cisco.
Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as the internet. With telnet enabled on the firewall, an attacker may be able to send spoofed packets through the firewall and consume the firewall’s memory, causing a denial of service on the device. Telnet service is vulnerable to many exploits which can compromise the network device if enabled.
Have the firewall admin enter the following command to verify if the firewall is listening to telnet port 23 or 1467: show asp table socket ciscoasa# show asp table socket Protocol Socket State Local Address Foreign Address TCP 0000f668 LISTEN 2.0.0.1:23 0.0.0.0:* If the firewall is listening to telnet port 23 or 1467, this is a finding.
Disable telnet and verify the firewall is not listening to port 23 or 1467 as shown in the following example: no telnet 2.0.0.2 255.255.255.255 inside ciscoasa# show asp table socket Protocol Socket State Local Address Foreign Address ciscoasa#
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer