Is there anyway to block telnet(port23) using security policies in windows xp.  I know that I am able to filter it at the router using an access list but the network admin for our school does not want to mess with the router.  I want to be able to stop the machines in a room from initiating a telnet session, is this possible in XP Pro without the use of a router, zonealarm...ect??  
Who is Participating?
CrazyOneConnect With a Mentor Commented:
HOW TO: Restrict Users from Running Specific Windows Programs in Windows 2000/XP:

Restrict Users from Running Specific Applications (Windows 2000/Me/XP) Popular

This tweak can be easily applied using WinGuides Tweak Manager. Download Now!
This setting allows you to specify applications and filenames that users are restricted from running.

Open your registry and find the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer]

Create a new DWORD value and name it "DisallowRun" set the value to "1" to enable application restrictions or "0" to allow all applications to run.

Then create a new sub-key called [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun] and define the applications the are to be restricted. Creating a new string value for each application, named as consecutive numbers, and setting the value to the filename to be restriced (e.g. "regedit.exe").

Restart Windows for the changes to take effect.

Registry Settings
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Value Name: DisallowRun
Pete LongTechnical ConsultantCommented:
Remove telnet.exe from the clients, either manually or by login script :) its in c:\windows\system32

Think you'll have to block it with a firewall like Zone Alarm...
I'm fairly certain system restore will replace telnet.exe if it 'disappears'...
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

How about using ICF instead of zonealarm ?
akline34Author Commented:
I dont wont to completely remove the application I would just like to be able to disable telnet at login, or only allow it through the use of a password?  Is this possible??
Pete LongTechnical ConsultantCommented:
This is an outbound TCP port you want to stop enabling ICF will not help (unless we are in active/passive territory here) what are you ultimately trying to stop them doing? ther emust be some ussue you are trying to stamp on? I think we are approaching this from the wrong Angle, do you want them to stop opening telnet to another server?
akline34Author Commented:
OK- the students in my class are constantly opening a telnet on-line game (SimpleMU) I think is what it is called.  I would like to limit there use of the telnet application if that is possible without completely filtering it from use.  I am familiar wih group/local policies, but I am unaware if what I would like to accomplish is possible.  Ulimately if it gets to bad I will just block the games server IP at the firewall.
Why don't you just disable the service.

Locate the Telnet Service
Disable and Stop it.

If you ever need to use it on a machine you just remotely connect to the machine, start the service and then run it.

The suggestion from CO will disable it for all users, including you.
gemartiConnect With a Mentor Commented:
The other thing to try is to right click on telnet.exe
Select security tab
Remove all groups that the students are members of. This will prevent the application from running when a unauthorized user trys to start the application.
Glenn what I posted can be done on user basis. Persuming akline34 is using a seperate account then don't block that account from using it.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.