Sometimes a rare topic strikes the mind. Yesterday some office mates were discussing how many network devices in Nepal are still running telnet for communication. The question led us to some research, and we reached an interesting conclusion, which I am presenting here. Not many, but 9,095 devices are running the telnet service, and all of them are from Internet Service Providers (ISPs).
Interestingly, all of them belong to well-known ISPs of Nepal. It is not shocking to see this many devices on the telnet service, with around 9000 devices maintaining their communication in plain text without any encryption. I tried to search for online devices using the banner grabbing method, which gave me only 50 devices online, but then I thought that the telnet port number is 23, so I filtered my search again using port 23. WOW!! Almost 10,000 devices are seen online with telnet running.
Let’s break the report down by city:
• Lalitpur: 573
• Lumbini: 562
• Bharatpur: 42
• Kathmandu: 6,125
So it is not just Kathmandu; the other major cities follow the same practice. Looking at it vendor-wise:
• Cisco router: 203
• Cisco Catalyst switch: 18
• Siemens HiPath 3000: three
We also filtered it ISP-wise:
• SingNet Pte Ltd: 583
• Nepal Telecom: 4,493
• Websurfer Nepal: 159
• WorldLink Communications: 1,084
• Otel Communication: 642
All with that number of devices running telnet on the public domain.
Impact
Telnet is a communication protocol that works both as a network protocol and as an application. Telnet is mostly used to connect to a remote computer and run commands on it, like a remote control. Telnet is one of the oldest protocols and can be used for various purposes. Here are some examples from Telnet.org:
• Telnet to a server running BBS software and use various features
• Telnet to a server running a MUD and play games
• Telnet to a server and run a command line application such as pine to check mail
• Issue various Linux commands
• Telnet to a router and its IOS configuration commands (commands for Cisco IOS etc.)
• Telnet to an HTTP port and issue test HTTP commands
Usually, Telnet doesn’t include any encryption of data traffic and is therefore susceptible to packet sniffing (eavesdropping). Nowadays telnet has been replaced by SSH for enhanced security over untrusted networks.
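For admins who want to check their own Cisco devices, here is an added example (not part of the original post) that audits an IOS-style configuration for vty lines that still accept telnet instead of SSH only. The sample configuration is constructed, the function name `audit_vty_lines` is hypothetical, and a vty block without a `transport input` line is marked for review because its default depends on the IOS release.

```python
import re

# Constructed sample of a Cisco IOS-style running-config (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
line vty 0 4
 login local
 transport input telnet ssh
line vty 5 15
 transport input ssh
line vty 16 20
 login local
!
end
"""

def audit_vty_lines(config_text):
    """Return a list of (vty_range, status, detail) for every 'line vty' block."""
    findings = []
    current = None      # vty range being parsed, e.g. "0 4"
    protocols = None    # protocols named by 'transport input', None if absent

    def close_block():
        if current is None:
            return
        if protocols is None:
            findings.append((current, "REVIEW", "no 'transport input'; default depends on IOS release"))
        elif {"telnet", "all"} & protocols:
            findings.append((current, "FAIL", "telnet accepted; use 'transport input ssh'"))
        else:
            findings.append((current, "OK", "transport input " + " ".join(sorted(protocols))))

    for raw in config_text.splitlines():
        header = re.match(r"^line vty (\d+(?: \d+)?)\s*$", raw)
        if header:
            close_block()
            current, protocols = header.group(1), None
        elif current is not None and raw.startswith(" "):
            m = re.match(r"^\s+transport input (.+)$", raw)
            if m:
                protocols = set(m.group(1).split())
        else:           # any non-indented line ends the vty block
            close_block()
            current, protocols = None, None
    close_block()
    return findings

if __name__ == "__main__":
    for vty, status, detail in audit_vty_lines(SAMPLE_CONFIG):
        print(f"line vty {vty}: {status} ({detail})")
```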
My conclusion.
I concluded that most ISP admins do not care about their network service, especially on the end devices. This does not create a problem for the security of client information, but SSH is there for their network management tasks. Attackers can grab information about the devices, including their passwords, so the responsible persons and network admins should be aware of the security of information, which is precious in this era. Devices must be maintained as defined in standard guidelines, i.e., SANS/NIST.