Check your EC2 security groups for inbound rules that allow unrestricted access (i.e. 0.0.0.0/0 or ::/0) to TCP port 23 and restrict access to only those IP addresses that require it in order to implement the principle of least privilege and reduce the possibility of a breach. TCP port 23 is used by the Telnet server application (telnetd). Telnet is usually used to check whether a client is able to make TCP/IP connections to a particular service: https://goo.gl/r4tbwi
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Allowing unrestricted Telnet access can increase opportunities for malicious activity such as IP address spoofing, man-in-the-middle attacks (MITM) and brute-force attacks.
To determine if your EC2 security groups allow unrestricted Telnet access, perform the following:
To update your security groups inbound/ingress configuration in order to restrict Telnet access to specific entities (IP addresses, IP ranges, etc), perform the following: