Telnet is enabled on the device-paloaltonetworks-panos
Vendor: paloaltonetworks
OS: panos
Description:
Indeni will check if a device has Telnet enabled. Telnet is not encrypted and is therefore a security risk.
Remediation Steps:
Disable Telnet on the device.
How does this work?
This script pulls the Palo Alto Networks firewall’s active configuration and extracts the configured services from there.
Why is this important?
Telnet is an unsecure protocol and should not be used. Users may enable telnet unintentionally and should be alerted if they do so.
Without Indeni how would you find this?
An administrator may write a script to pull this data from devices and compare against a gold configuration.
panos-management-interface-services
name: panos-management-interface-services
description: Ensure "HTTP" and "Telnet" are disabled on the management interface and
are not used to manage the device.
type: monitoring
monitoring_interval: 60 minutes
requires:
vendor: paloaltonetworks
os.name: panos
product: firewall
comments:
telnet-enabled:
why: |
Telnet is an unsecure protocol and should not be used. Users may enable telnet unintentionally and should be alerted if they do so.
how: |
This script pulls the Palo Alto Networks firewall's active configuration and extracts the configured services from there.
can-with-snmp: false
can-with-syslog: false
http-server-enabled:
why: |
HTTP is an unsecure protocol and should not be used. Users may enable HTTP unintentionally and should be alerted if they do so.
how: |
This script pulls the Palo Alto Networks firewall's active configuration and extracts the configured services from there.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: show system services
parse:
type: AWK
file: panos-management-interface-services.parser.1.awk
cross_vendor_telnet_enabled
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_telnet_enabled.scala