Telnet access is enabled by default on some IOS releases. See this article for why this is bad.
If you don’t need Telnet access, you should disable it. The commands are as follows:
- line vty 0 4
- transport input none
If you do need remote terminal access, you should switch Telnet to SSH where possible. Be sure to set a secure password.
- ip domain-name your.domain.com
- crypto key generate rsa
- username yourusername secret supersecretpassword
- line vty 0 4
- transport input ssh
- login local
The crypto key generate rsa command will ask you “How many bits in the modulus”. It is recommended to use at least 2048.