STIG V-224854 | The Telnet Client must not be installed

Microsoft Windows Server 2016

The Telnet Client must not be installed

STIG ID: WN16-00-000390 | SRG: SRG-OS-000096-GPOS-00050 | Severity: Medium | CCI: CCI-000382 | Vulnerability ID: V-224854

Description

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption or may provide unauthorized access to the system.

Check

Open "PowerShell".Enter "Get-WindowsFeature | Where Name -eq Telnet-Client".If "Installed State" is "Installed", this is a finding.An Installed State of "Available" or "Removed" is not a finding.

Fix

Uninstall the "Telnet Client" feature.Start "Server Manager".Select the server with the feature.Scroll down to "ROLES AND FEATURES" in the right pane.Select "Remove Roles and Features" from the drop-down "TASKS" list.Select the appropriate server on the "Server Selection" page and click "Next".Deselect "Telnet Client" on the "Features" page.Click "Next" and "Remove" as prompted.