2026-01-14: The Day the telnet Died

Submitted ⁨⁨1⁩ ⁨day⁩ ago⁩ by ⁨Bishma@discuss.tchncs.de⁩ to ⁨technology@lemmy.world⁩

https://www.labs.greynoise.io/grimoire/2026-02-10-telnet-falls-silent/

On January 14, 2026, global telnet traffic observed by GreyNoise sensors fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.

The pattern points toward one or more North American Tier 1 transit providers implementing port 23 filtering

source

Comments

Sort:hotnew top

dparticiple@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
I share the author’s nostalgia for Telnet, as a kid who spent many lost hours trying to telnet into “interesting things” at the dawn of the internet. It is, however, long past time for the protocol to die and force ancient and insecure things to be retired. Thus might just do it.

source
- adespoton@lemmy.ca ⁨1⁩ ⁨day⁩ ago
  But telnet is just a bidirectional TCP connection. You can run any terminal emulation you want over it, and run it on any port you want.
  
  The telnetd service on the other hand… that has no reason to still be internet-facing.
  
  source
  - dparticiple@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
    Good point. I was referring more to telnetd as an unencrypted client-server protocol, typically to port 23. Often unauthenticated, ripe for MITM attacks.
    
    That needs to end.
    
    source
    -> View More Comments
  - FauxPseudo@lemmy.world ⁨1⁩ ⁨day⁩ ago
    I used to debug POP3 issues by going through sessions one line at a time via telnet. Occasionally HTTP sessions too.
    
    source
    -> View More Comments
  - floquant@lemmy.dbzer0.com ⁨9⁩ ⁨hours⁩ ago
    Any reason to pick that over netcat though?
    
    source
    -> View More Comments
Zwuzelmaus@feddit.org ⁨1⁩ ⁨day⁩ ago
Telnet is still a quick and easy way to check if a certain port on a machine is listening.

But that’s not what it was made for, of course. It’s real meaning has gone down long ago.

source
- deegeese@sopuli.xyz ⁨1⁩ ⁨day⁩ ago
  Can do nc now which is more flexible for connectivity tests.
  
  source
brickfrog@lemmy.dbzer0.com ⁨1⁩ ⁨day⁩ ago
It’s an interesting write up… I’m a bit surprised there are/were that many internet facing telnetd instances online. Maybe it’s just the sheer amount of ancient routers & such that were deployed with telnet enabled by default and are still plugged in/running to this day.

source
Pogogunner@sopuli.xyz ⁨1⁩ ⁨day⁩ ago
The exploitation of this issue is so ridiculously trivial, I’m shocked it took 11 years to discover

source
- Jolteon@lemmy.zip ⁨23⁩ ⁨hours⁩ ago
  To be fair, Telnet was already mostly dead in 2015.
  
  source
  - kernelle@lemmy.dbzer0.com ⁨21⁩ ⁨hours⁩ ago
    Yeah at least, it died with the rise of encryption
    
    source
Deebster@programming.dev ⁨1⁩ ⁨day⁩ ago

Bad news on the backbone
I couldn’t scan a single ASN

I’m trying to figure out what pronunciation or accent the author speaks in to have this rhyme. A heavy South African accent, so backbone is more like “berckben”? Pronouncing ASN as “a-sone”?

source