Triage and Remediation
Remediation
Using Console
To remediate the “Telnet Port Should Not Be Open” misconfiguration for GCP using the GCP console, follow the steps below:
- Log in to your GCP console.
- Navigate to the GCP project which has the instance with the open Telnet port.
- Click on the hamburger menu on the top left corner of the console and select “Compute Engine” under the “Compute” section.
- From the list of instances, select the instance with the open Telnet port.
- Click on the “Edit” button at the top of the page.
- Scroll down to the “Firewall” section and click on “Management, disks, networking, SSH keys”.
- Under the “Firewall” section, click on “default-allow-internal”.
- Scroll down to the “Protocols and ports” section and uncheck the “tcp:23” option.
- Click on the “Save” button at the bottom of the page.
Using CLI
To remediate the “Telnet Port Should Not Be Open” misconfiguration on GCP using GCP CLI, follow these steps:
- Open the Cloud Shell in the GCP Console.
- Run the following command to list all the instances in the project:
- Identify the instance that has the telnet port open.
- Connect to the instance using SSH:
- Once connected to the instance, run the following command to check if telnet is installed:
- If telnet is installed, run the following command to uninstall it:
- If telnet is not installed, run the following command to check if the telnet port is open:
- If the telnet port is open, edit the firewall rules for the instance to close the telnet port:
- Verify that the telnet port is closed by running the following command:
- Exit the SSH session by typing exit.
- Repeat steps 4-10 for any other instances that have the telnet port open.
Using Python
To remediate the Telnet Port Should Not Be Open misconfiguration in GCP using Python, you can follow these steps:
- Connect to the GCP project using the Python client library.
- Check if the Telnet port is open by looking at the instance’s firewall rules.
- If there is a firewall rule that allows Telnet traffic, delete it.
- Confirm that the Telnet port is no longer open by checking the instance’s firewall rules again.
By following these steps, you can remediate the Telnet Port Should Not Be Open misconfiguration for a GCP instance using Python.
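The firewall-rule check from the steps above, as an added example (not code from the original page): it finds enabled ingress rules that admit TCP port 23, including port ranges such as 20-25 and entries with no port list. The rules in SAMPLE_RULES are constructed, and the field names assume the Compute Engine firewall resource layout, as in the JSON output of gcloud compute firewall-rules list.

```python
TELNET_PORT = 23

# Constructed sample rules shaped like Compute Engine firewall resources.
SAMPLE_RULES = [
    {"name": "allow-telnet", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["23"]}]},
    {"name": "allow-legacy-range", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["20-25", "8080"]}]},
    {"name": "default-allow-internal", "direction": "INGRESS", "sourceRanges": ["10.128.0.0/9"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["0-65535"]}, {"IPProtocol": "icmp"}]},
    {"name": "allow-ssh", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "old-telnet", "direction": "INGRESS", "disabled": True,
     "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["23"]}]},
    {"name": "egress-telnet", "direction": "EGRESS", "destinationRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["23"]}]},
]


def port_spec_covers(spec, port):
    """True if a port spec such as "23" or "20-25" includes `port`."""
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def entry_allows_tcp(entry, port):
    """True if one `allowed` entry permits TCP traffic to `port`."""
    proto = str(entry.get("IPProtocol", "")).lower()
    if proto not in ("tcp", "6", "all"):  # "6" is the IP protocol number for TCP
        return False
    ports = entry.get("ports")
    # An entry without ports (always the case for "all") allows every port.
    return not ports or any(port_spec_covers(p, port) for p in ports)


def rules_allowing_telnet(rules, port=TELNET_PORT):
    """Return (name, sourceRanges) for enabled ingress rules that admit `port`."""
    hits = []
    for rule in rules:
        if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
            continue
        if any(entry_allows_tcp(e, port) for e in rule.get("allowed", [])):
            hits.append((rule["name"], rule.get("sourceRanges", [])))
    return hits


if __name__ == "__main__":
    for name, sources in rules_allowing_telnet(SAMPLE_RULES):
        print(f"{name}: tcp/{TELNET_PORT} allowed from {', '.join(sources)}")
```

The source ranges returned with each hit show how wide the exposure is: a match on default-allow-internal covers only internal addresses, while 0.0.0.0/0 means the port is reachable from the internet.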