Telnet Port Should Not Be Open

More Info:

Determines if TCP port 23 for Telnet is open to the public.

Risk Level

Medium

Address

Security

Compliance Standards

SOC2, GDPR, ISO27001, HIPAA, HITRUST, NISTCSF, PCIDSS, FedRAMP

Triage and Remediation

Remediation

Using Console

Using CLI

To remediate the “Telnet Port Should Not Be Open” misconfiguration on GCP using GCP CLI, follow these steps:

Open the Cloud Shell in the GCP Console.
Run the following command to list all the instances in the project:

gcloud compute instances list

Identify the instance that has the telnet port open.
Connect to the instance using SSH:

gcloud compute ssh [INSTANCE_NAME] --zone [ZONE]

Once connected to the instance, run the following command to check if telnet is installed:

which telnet

If telnet is installed, run the following command to uninstall it:

sudo apt-get remove telnet

If telnet is not installed, run the following command to check if the telnet port is open:

sudo netstat -tuln | grep 23

If the telnet port is open, edit the firewall rules for the instance to close the telnet port:

gcloud compute firewall-rules update [FIREWALL_RULE_NAME] --remove-ports=23 --direction=INGRESS

Verify that the telnet port is closed by running the following command:

sudo netstat -tuln | grep 23

Exit the SSH session by typing exit.
Repeat steps 4-10 for any other instances that have the telnet port open.

By following the above steps, you can remediate the “Telnet Port Should Not Be Open” misconfiguration on GCP using GCP CLI.

Using Python

To remediate the Telnet Port Should Not Be Open misconfiguration in GCP using Python, you can follow these steps:

Connect to the GCP project using the Python client library.

from google.cloud import compute_v1

compute_client = compute_v1.InstancesClient()
project = "your-project-id"
zone = "your-zone"
instance_name = "your-instance-name"
instance = compute_client.get(project=project, zone=zone, instance=instance_name)

Check if the Telnet port is open by looking at the instance’s firewall rules.

firewall_rules = compute_client.list_firewall_policies(project=project, zone=zone)
for rule in firewall_rules:
    if rule.allowed[0].ports == ['23']:
        print(f"Firewall rule {rule.name} allows Telnet traffic.")

If there is a firewall rule that allows Telnet traffic, delete it.

for rule in firewall_rules:
    if rule.allowed[0].ports == ['23']:
        operation = compute_client.delete_firewall_policy(project=project, firewall_policy=rule.name)
        operation.result()
        print(f"Firewall rule {rule.name} deleted.")

Confirm that the Telnet port is no longer open by checking the instance’s firewall rules again.

firewall_rules = compute_client.list_firewall_policies(project=project, zone=zone)
for rule in firewall_rules:
    if rule.allowed[0].ports == ['23']:
        print(f"Firewall rule {rule.name} still allows Telnet traffic.")

By following these steps, you can remediate the Telnet Port Should Not Be Open misconfiguration for a GCP instance using Python.

Additional Reading:

https://cloud.google.com/vpc/docs/using-firewalls

GCP Introduction

GCP Pricing

GCP Threats

GCP Misconfigurations

Resources

GCP Threats

Telnet Port Should Not Be Open

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading:

GCP Introduction

GCP Pricing

GCP Threats

GCP Misconfigurations

Resources

GCP Threats

​More Info:

​Risk Level

​Address

​Compliance Standards

​Triage and Remediation

​Remediation

​Additional Reading:

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading: