Submitted 3 weeks ago by Bishma@discuss.tchncs.de to technology@lemmy.world
https://www.labs.greynoise.io/grimoire/2026-02-10-telnet-falls-silent/
On January 14, 2026, global telnet traffic observed by GreyNoise sensors fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.
The pattern points toward one or more North American Tier 1 transit providers implementing port 23 filtering
Telnet is still a quick and easy way to check if a certain port on a machine is listening.
But that’s not what it was made for, of course. It’s real meaning has gone down long ago.
Can do nc now which is more flexible for connectivity tests.
The exploitation of this issue is so ridiculously trivial, I’m shocked it took 11 years to discover
To be fair, Telnet was already mostly dead in 2015.
Yeah at least, it died with the rise of encryption
It’s an interesting write up… I’m a bit surprised there are/were that many internet facing telnetd instances online. Maybe it’s just the sheer amount of ancient routers & such that were deployed with telnet enabled by default and are still plugged in/running to this day.
Bad news on the backbone
I couldn’t scan a single ASN
I’m trying to figure out what pronunciation or accent the author speaks in to have this rhyme. A heavy South African accent, so backbone is more like “berckben”? Pronouncing ASN as “a-sone”?
dparticiple@sh.itjust.works 3 weeks ago
I share the author’s nostalgia for Telnet, as a kid who spent many lost hours trying to telnet into “interesting things” at the dawn of the internet. It is, however, long past time for the protocol to die and force ancient and insecure things to be retired. Thus might just do it.
adespoton@lemmy.ca 3 weeks ago
But telnet is just a bidirectional TCP connection. You can run any terminal emulation you want over it, and run it on any port you want.
The telnetd service on the other hand… that has no reason to still be internet-facing.
dparticiple@sh.itjust.works 3 weeks ago
Good point. I was referring more to telnetd as an unencrypted client-server protocol, typically to port 23. Often unauthenticated, ripe for MITM attacks.
That needs to end.
FauxPseudo@lemmy.world 3 weeks ago
I used to debug POP3 issues by going through sessions one line at a time via telnet. Occasionally HTTP sessions too.
floquant@lemmy.dbzer0.com 2 weeks ago
Any reason to pick that over netcat though?
Treczoks@lemmy.world 2 weeks ago
I remember using telnet on a Palm Pilot, linked to the internet via IRDA to my (pre-smart) cell phone to log into my companies’ server to fix something while I was on holidays.
dparticiple@sh.itjust.works 2 weeks ago
Similar memories here. The first time I went on IRC using a Palm Pilot connected to a Ricochet modem, while in a moving vehicle (not driving!) felt like magic.
how_we_burned@lemmy.zip 2 weeks ago
We had a transmitter on our building for satalite backhaul. I used to have fun using it to telnet into various stuff in orbit.
You’d be surprise at how many times they didn’t even bother with credentials.
dparticiple@sh.itjust.works 2 weeks ago
Indeed, it’s amazing how much stuff was / is out there in the open.
Hobbyist use of unencrypted protocols like telnet can be very educational, and the other commenter is right that not everything needs to be encrypted, especially within the confines of a homelab, for instance.
My support for ending telnet use is much more about things like IoT systems, industrial hardware and so on talking in the clear and being vulnerable to compromise.
This isn’t about telnet, per se, but is a good example of the problem: news.satnews.com/…/russia-intercepts-europes-key-…