
Remediation

From Command Line

  1. Run the following command to remove the unrestricted ingress rule for Telnet access (TCP port 23):

```bash
aws ec2 revoke-security-group-ingress \
--region {{region-name}} \
--group-id {{security-group-id}} \
--protocol {{protocol}} \
--port 23 \
--cidr {{0.0.0.0/0 or ::/0}}
```

  • Optionally, run the `authorize-security-group-ingress` command to create a replacement rule that specifies a trusted CIDR range instead of 0.0.0.0/0.

  2. Confirm the change by describing the security group again and checking that the unrestricted rule has been removed or appropriately restricted:

```bash
aws ec2 describe-security-groups \
--region {{region-name}} \
--group-ids {{security-group-id}} \
--query 'SecurityGroups[*].IpPermissions[?FromPort==`23`].{CIDR:IpRanges[*].CidrIp,Port:FromPort}'
```

  3. Test the applications that depend on Telnet to verify they are unaffected by the change.
  4. Where possible, migrate services that use Telnet to a secure alternative such as SSH. Update configurations to use SSH and disable the Telnet services.
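The verification query above matches only rules whose `FromPort` is exactly 23, and the `--cidr` form of `revoke-security-group-ingress` addresses IPv4 ranges only. The following script is an added example (not part of this page or of the AWS CLI) that performs the same check and builds the revoke command more robustly: it reads the JSON that `aws ec2 describe-security-groups` emits, flags every rule that exposes port 23 to 0.0.0.0/0 or ::/0 (including port ranges that span 23 and all-traffic rules), and generates a `revoke-security-group-ingress` invocation using `--ip-permissions`, which handles IPv6 and removes only the world-open CIDRs while leaving trusted CIDRs on the same rule intact. The group ID, region and rule contents are constructed sample values.

```python
import json
import shlex

# Constructed sample input: shape follows the output of
# `aws ec2 describe-security-groups`, but every value is made up for this example.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({
    "SecurityGroups": [{
        "GroupId": "sg-0123456789abcdef0",
        "IpPermissions": [
            # Exact Telnet rule, open to the world on IPv4 and IPv6, plus one trusted range.
            {"IpProtocol": "tcp", "FromPort": 23, "ToPort": 23,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.0.0.0/8"}],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
            # Port range that spans 23: missed by a FromPort==23 query.
            {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            # SSH from a trusted range: not a finding.
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
            # All-traffic rule (no FromPort/ToPort keys) open to the world: also exposes 23.
            {"IpProtocol": "-1",
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    }]
})

UNRESTRICTED = {"0.0.0.0/0", "::/0"}
TELNET_PORT = 23


def rule_covers_port(perm, port):
    """True if this IpPermissions entry allows TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols and ports
        return True
    if proto not in ("tcp", "6"):          # Telnet is TCP; "6" is the numeric form
        return False
    return perm.get("FromPort", -1) <= port <= perm.get("ToPort", -1)


def find_unrestricted_telnet(describe_output):
    """Return one finding per rule that exposes port 23 to 0.0.0.0/0 or ::/0."""
    findings = []
    for sg in json.loads(describe_output)["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not rule_covers_port(perm, TELNET_PORT):
                continue
            v4 = [r["CidrIp"] for r in perm.get("IpRanges", [])
                  if r["CidrIp"] in UNRESTRICTED]
            v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])
                  if r["CidrIpv6"] in UNRESTRICTED]
            if v4 or v6:
                findings.append({
                    "GroupId": sg["GroupId"],
                    "IpProtocol": perm["IpProtocol"],
                    "FromPort": perm.get("FromPort"),
                    "ToPort": perm.get("ToPort"),
                    "IpRanges": v4,
                    "Ipv6Ranges": v6,
                })
    return findings


def revoke_command(finding, region):
    """Build the CLI call that removes only the world-open CIDRs of one finding.

    --ip-permissions is used instead of --cidr/--port so that ::/0 and the rule's
    exact port range are matched; CIDRs not listed here (e.g. 10.0.0.0/8) stay in place.
    An all-traffic ("-1") finding removes the whole all-traffic rule, so review those by hand.
    """
    perm = {"IpProtocol": finding["IpProtocol"]}
    if finding["IpProtocol"] != "-1":
        perm["FromPort"] = finding["FromPort"]
        perm["ToPort"] = finding["ToPort"]
    if finding["IpRanges"]:
        perm["IpRanges"] = [{"CidrIp": c} for c in finding["IpRanges"]]
    if finding["Ipv6Ranges"]:
        perm["Ipv6Ranges"] = [{"CidrIpv6": c} for c in finding["Ipv6Ranges"]]
    return ("aws ec2 revoke-security-group-ingress"
            f" --region {shlex.quote(region)}"
            f" --group-id {shlex.quote(finding['GroupId'])}"
            f" --ip-permissions {shlex.quote(json.dumps([perm]))}")


if __name__ == "__main__":
    for f in find_unrestricted_telnet(SAMPLE_DESCRIBE_OUTPUT):
        print(revoke_command(f, "us-east-1"))
```

Run it against real output with `aws ec2 describe-security-groups --region ... --output json > sgs.json` and pass the file contents to `find_unrestricted_telnet`; the printed commands are meant to be reviewed, not executed blindly, especially the one generated for an all-traffic rule. After revoking, rerun the check and expect no findings before moving on to the application tests in step 3.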