The security audit's purpose is to identify unsecured network services. Based on the provided list, FTP (File Transfer Protocol) on port 21 and Telnet on port 23 are inherently insecure. Both of these legacy protocols transmit all data, including usernames and passwords, in cleartext across the network. This allows any attacker with the ability to monitor network traffic (e.g., via a man-in-the-middle attack) to easily capture and read sensitive information. Therefore, their presence represents a significant security vulnerability that requires immediate investigation and remediation, typically by replacing them with secure alternatives like SFTP and SSH, respectively.

B. 22: SSH (Secure Shell) is a secure protocol that provides strong encryption for all transmitted data, including credentials, making it the secure replacement for Telnet.

D. 636: LDAPS (Lightweight Directory Access Protocol Secure) is the secure version of LDAP, using SSL/TLS to encrypt communications. The unsecured version runs on port 389.

E. 1723: While PPTP (Point-to-Point Tunneling Protocol) is considered insecure due to known cryptographic vulnerabilities, FTP and Telnet are more fundamentally unsecured as they lack any encryption whatsoever.

F. 3389: Modern RDP (Remote Desktop Protocol) is a secure protocol that encrypts remote administration sessions, especially when Network Level Authentication (NLA) is enabled.

---

1. National Institute of Standards and Technology (NIST)

Special Publication 800-53 Revision 5

Security and Privacy Controls for Information Systems and Organizations

September 2020. In control family SC (System and Communications Protection)

control SC-8(1) "Cryptographic Protection" mandates the use of validated cryptography for data in transit. Protocols like Telnet and FTP do not meet this requirement as they transmit data in cleartext. (See control SC-8

Page 229).

2. Internet Engineering Task Force (IETF)

RFC 4217

Securing FTP with TLS

October 2005. The introduction (Section 1

Page 2) explicitly states

"The File Transfer Protocol [FTP] ... is weak with respect to security as it sends all passwords and data in the clear." This highlights the inherent insecurity of the standard FTP protocol.

3. Purdue University

CS 42600: Computer Security Courseware

"Lecture 18: Network Security". This and similar university course materials consistently identify Telnet and FTP as canonical examples of insecure protocols that operate in cleartext and should be replaced by secure alternatives like SSH and SFTP. (Specific lecture notes often detail the packet structure showing cleartext credentials).