Step 2, Inventory: Identify all systems running GNU InetUtils telnetd across your environment. Query configuration management databases, run authenticated network scans for port 23 (open and listening), and cross-reference with asset inventory. Include cloud, OT, and legacy infrastructure.
Preparation
NIST 800-61r3 §3.1.1
NIST CM-2 — Baseline configuration
CIS 1.1 — Asset management
NIST IA-4 — Identifier management
Compensating Control
Use free/open-source tools: (1) Nmap for port enumeration: `nmap -p 23 --open -Pn <CIDR range>` for each subnet; save output with `-oX results.xml`. (2) Grep system configs manually: `grep -r telnet /etc/inetd.conf /etc/xinetd.d/ 2>/dev/null` on each Linux host (use `for` loop over SSH targets). (3) Windows: `Get-Service | Where-Object {$_.Name -like '*telnet*'}` via PowerShell across WinRM-enabled hosts. (4) Cross-reference with `/etc/services` entries. (5) Create CSV: hostname, OS, port 23 status (open/closed/filtered), last scanned date. Store in shared drive with read-only access for audit.
Preserve Evidence
Before scanning: (1) Document baseline network topology and subnets in a diagram or text file. (2) Export current CMDB or asset inventory to CSV (hostname, IP, OS, last patched date, criticality). (3) Capture current firewall rules with `iptables-save > fw_baseline.txt` (Linux) or GPO export (Windows). (4) Document known systems where telnetd is expected (if any) and their business justification. (5) Take a baseline port 23 availability scan one week prior to distribute to stakeholders as a reference point.
