Telnet sends clear text passwords and usernames through logins and should be disabled on all web servers and replaced with SSH.
Some hosting providers are not disabling telnet by default but you should ensure that it has been turned off as it’s a great security risk to your servers. TELNET server listens for incoming messages on port 23, and sends outgoing messages to port 23.
1. Login to your server through SSH and su to root.
2. Type
pico /etc/xinetd.d/telnet
3. Look for the line:
disable = no
and replace with
disable = yes
4. Now restart the inetd service:
/etc/rc.d/init.d/xinetd restart
5. Turn off it through chkconfig as well because it can still start through that.
/sbin/chkconfig telnet off
6. Scan your server to ensure port 23 is closed.
nmap -sT -O localhost
Also run
ps -aux | grep telnetand if you find anything other than "grep telnet" as result kill the process.
