Hackers Bringing Telnet Back

← Back to Stories (view on slashdot.org)

Posted by CmdrTaco on Thursday January 27, 2011 @01:52AM from the gopher-still-dead dept.

alphadogg writes "A new report from Akamai Technologies (CT: Requires login) shows that hackers appear to be increasingly using the Telnet remote access protocol to attack corporate servers over mobile networks. The report, which covers the third quarter of 2010, shows that 10 percent of attacks that came from mobile networks are directed at Port 23, which Telnet uses. That marks a somewhat unusual spike for the aging protocol used to log into remote servers but that has been gradually replaced by SSH."

15 of 238 comments (clear)

Min score:

Reason:

Sort:

Re:who still uses telnet? by maotx · 2011-01-27 02:02 · Score: 5, Informative

I do whenever I need my Star Wars Fix. Just telnet to towel.blinkenlights.nl.

--
I'm a virgo and on Slashdot. Coincidence? Yes.
People stopped using Telnet? by Raxxon · 2011-01-27 02:04 · Score: 4, Insightful

I use telnet constantly. Port 110 to check for a broken email header, Port 25 to check for SMTP auth errors, Port 3200 to check for the present of a NetGen DSS unit, etc, etc... I love telnet. Simple 3-way handshake and boom, datastream.
1. Re:People stopped using Telnet? by Notquitecajun · 2011-01-27 02:06 · Score: 5, Funny
  
  You play a MUD still, too. Admit it.
2. Re:People stopped using Telnet? by Ephemeriis · 2011-01-27 02:19 · Score: 4, Insightful
  
  I use telnet constantly. Port 110 to check for a broken email header, Port 25 to check for SMTP auth errors, Port 3200 to check for the present of a NetGen DSS unit, etc, etc... I love telnet. Simple 3-way handshake and boom, datastream.
  Sure, the telnet client is useful. I use it all the time for those very same reasons.
  But actually running a telnet server and allowing incoming connections on port 23? Nope. Stopped doing that for everything I could years ago, switched to SSH on everything that would support it. The things that wouldn't support it were all tucked away on our inside network. I've got nothing facing the world that'll accept connections on port 23.
  
  --
  "Work is the curse of the drinking classes." -Oscar Wilde
3. Re:People stopped using Telnet? by vagabond_gr · 2011-01-27 02:22 · Score: 5, Funny
  
  I'm using telnet for ssh too. Doing RSA in your head is a bit tricky at first, but once you get used to it it's really convenient.
  PS. For a real challenge try to PPP authenticate over dial-up using your voice.
4. Re:People stopped using Telnet? by LordLimecat · 2011-01-27 02:30 · Score: 4, Informative
  
  So you mean telnet the program, not telnet the protocol-- what the article was about?
5. Re:People stopped using Telnet? by XorNand · 2011-01-27 02:40 · Score: 4, Insightful
  
  netcat ("nc" on most Linux distros) provides the same functionality. However, it's also more flexible in that it allows you to test UDP ports and you can easily set it up to listen for incoming connections on an arbitrary port. It's a great tool for troubleshooting firewall issues.
  
  --
  Entrepreneur : (noun), French for "unemployed"
A tip for management by goodmanj · 2011-01-27 02:05 · Score: 5, Insightful

If you manage your company or institution's IT department, please do the following:
Step 1: Turn on "telnet" on your PC. (Of course you Windows, you're management, right?)
Step 2: Try to "telnet" to your company's website, or to any other machine or service names your underlings bandy about.
Step 3: If you don't see "Connection refused" every time, FIRE EVERYONE WHO REPORTS TO YOU.
1. Re:A tip for management by dr2chase · 2011-01-27 02:38 · Score: 4, Funny
  
  I think it would be ok if it said, "Hello, I am Eliza."
Misleading headline by antifoidulus · 2011-01-27 02:09 · Score: 4, Insightful

Um, the reason they are using telnet is because it's trivial to hack, in other words the headline should read "hackers hacking easiest to hack service on poorly configured machines, also water is wet, details at 11"

--
Monstar L
Hackers Bringing Telnet Back? by crow_t_robot · 2011-01-27 02:12 · Score: 5, Insightful

How can hackers bring telnet attacks back if admins don't run telnet? Should the headline say "Admins are bringing telnet back and getting bitten in the ass for it?"
Re:Good ole days by John+Hasler · 2011-01-27 02:39 · Score: 4, Insightful

If telnet reminds you of when you were young you aren't old.

--
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Get your hackin' on by llManDrakell · 2011-01-27 03:21 · Score: 4, Funny

I'm bringin' telnet back.
Them other protocols don't know how to act.
I think it's special what's inside your rack.
So enable the service and I'll begin to hack.
They are forgetting something... by CoolVibe · 2011-01-27 04:16 · Score: 4, Insightful

Seeing traffic on port 23 does not mean telnet is involved. I know some people who run their SSH daemon on that port to lessen the stupid ssh scans.
Printers? by Culture20 · 2011-01-27 05:49 · Score: 4, Informative

I just realized; almost every network printer out there uses telnet for remote configuration. Maybe there was a new vulnerability found on a specific type of printer that allows forwarding of the printed pages back to the script kiddies?