to reiterate Florian_Cheval feedback from my "Idea" thread:
"Disabling/removing any piece of software that is not strictly necessary to the operation of a server is considered a good security practice.
If a malevolent individual gets a shell access to any server where telnet or nc is installed, you just made it super easy for him/her to start establishing network connections to all servers in the vicinity (even with a service account).
So yes, removing telnet is a good and common security practice. We already used to do that at my previous employer 10 years ago ☺"
Let's not start on this thread also, Hiko_Davis ........... , going back and forth.
Cheers,
Manish