Can hackers only hack you if you have telnet server enabled?

Firstly, Telnet is kind of like a software which allows you to access any remote machine which has a telnet server enabled in it. To connect to that remote computer (in which the telnet server is enabled), you need to know the username and password which is given to you by the owner of that remote machine (or the Systems Administrator). So if you have the username and password you can connect to the remote telnet server.

If u meant if telnet logins can be hacked through the network. The answer is Yes! Telnet sends usernames and passwords without any sort of encrption through the network. So, if someone tries to login to the telnet server, you can sniff your network traffic(using tools like Wireshark) and get the username and passwords.

It sounds like the person that gave you the information is not that familiar with network security. That person may be referring to telnet because of the fact that some of the hacks produce a remote command line type of console for the attacker to run commands on the target computer. That isn't telnet.

To hack a system, the system has to have an open port to allow other systems to connect to it. For a system that has no open port, the hack would need to be initiated from the target system, as in te case where someone may send you an email that had links for you to click, or the user visits a web site that has malicious code.

So in the example where there is an open port, say something common like 80 because web services are running, the attacker would send traffic to that port and the code would do something to crash, or insert code to make the target system do something like allow the attacker to take control.