How to Disable Telnet and Legacy Network Services on Windows

What Causes This?

Windows still includes some legacy networking features for compatibility with older apps, devices, and enterprise environments. Services like Telnet Client, Telnet Server, SMB 1.0/CIFS, and other outdated components can stay enabled even when you do not use them. That increases your PC’s attack surface because older protocols are less secure and are often targeted by malware, scanners, and unauthorized remote access attempts.

Common Symptoms

• Legacy features like Telnet Client or SMB 1.0 appear enabled in Windows Features
• Security scans warn about outdated or insecure network services
• You notice unnecessary listening ports or unexpected network activity
• Windows has older remote administration components enabled that you do not use
• Your PC is harder to lock down because unused networking features remain installed

How to Fix It Manually

1. Check which legacy Windows features are enabled

   1. Press Windows + R, type optionalfeatures, and press Enter.
   2. In Windows Features, look for older components such as:
      • Telnet Client
      • TFTP Client
      • SMB 1.0/CIFS File Sharing Support
      • Simple TCP/IP services if present
   3. If you do not actively use them, clear their checkboxes.
   4. Click OK and let Windows apply the changes.

2. Disable Telnet services if they exist

   1. Press Windows + R, type services.msc, and press Enter.
   2. In the Services window, look for Telnet or any similarly named legacy remote access service.
   3. Double-click it, set Startup type to Disabled, then click Stop if the service is running.
   4. Click Apply, then OK.

3. Turn off legacy features with PowerShell if needed

   1. Right-click Start and choose Windows Terminal (Admin) or PowerShell (Admin).
   2. To disable Telnet Client, run:

      Disable-WindowsOptionalFeature -Online -FeatureName TelnetClient

   3. To disable SMB 1.0, run:

      Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

   4. If Windows says a restart is required, save your work and restart your PC.

4. Review startup and background services

   1. Open Task Manager with Ctrl + Shift + Esc.
   2. Go to the Startup apps tab and disable entries tied to old remote management or network tools you no longer use.
   3. Then return to services.msc and review services with descriptions related to remote access, file sharing, or legacy protocols.
   4. Do not disable services unless you recognize them or have confirmed they are unnecessary.

5. Check Windows Defender Firewall rules

   1. Press Windows + R, type wf.msc, and press Enter.
   2. Click Inbound Rules.
   3. Look for rules related to Telnet, SMB, TFTP, or other legacy services.
   4. Right-click unused rules and choose Disable Rule.

6. Restart and verify the changes

   1. Restart your PC.
   2. Open Windows Features again and confirm the legacy components remain unchecked.
   3. If you use a security scanner, run it again to confirm the warnings are gone.

Fix It Automatically with Kudu

Kudu can scan your PC for outdated Windows features, unnecessary startup items, and legacy services that increase security risk. Instead of checking Windows Features, Services, and firewall rules one by one, Kudu helps identify what is safe to disable and simplifies the cleanup.

Download Kudu Free →