Some times some of rare topics strikes in mind, yesterday some office mates are discussing about how many network devices are still running telnet for communication in Nepal. The topic took us to a some level of research and found the interesting conclusion which I am presenting here. Not much but 9,095 devices are running telnet service and all of are from Internet service Provider(ISP). Interesting that all of then are belongs to well known ISP of Nepal. This much number of devices in Nelnet service is not really shocking that around 9000 devices are maintaining their communication over the plain text without any encryption. I try to search the online devices using banner grabber method which gave me only 50 devices online but I thought that telnet port number is 23 so again I filter may search using port 23. WOW!! Almost 10,000 devices are seen online with telnet running.
Let’s expose the report based on city Lalitpur 573 Lumbini 562 and Bharatpur 42 Kathmandu 6,125 So not just in Kathmandu, on other major city has the same metod. On another way from vendor wise, Cisco router is running 203, Cisco catalyst switch has 18 and Siemens HiPath 3000 has 3 telnet service running. In addition, we filter it from ISP wise, , SingNet Pte Ltd has 583 ,Nepal Telecom has 4,493, Websurfer Nepal has 159 WorldLink Communications has 1,084, Otel Communication has 642 and number of devices running telnet on public domain.
Telnet is one of the communicating protocol which work on both as network protocol as well as an application. Mostly telnet is used to communicate to remote computer and hitting command on those computer as like a remote control. Telnet is one of the oldest protocol which can be used for various reason. Here we can see some example in (Telnet.org)
• Telnet to a server running BBS software and use various features
• Telnet to a server running a MUD and play games
• Telnet to a server and run a command line application such as pine to check mail
• Issue various Linux commands
• Telnet to a router and its IOS configuration commands (commands for Cisco IOS etc.)
• Telnet to an http port and issue test HTTP commands
Normally Telnet doesn’t include any kind of encryption of data traffic and is therefore susceptible to aka packet sniffing (eavesdropping). Now a days telnet has been replaces by SSH for enhancement of security over untrusted networks.
I came to conclusion that most of the ISP’s admin person does not care about their network service especially in the end devices. This does not create problem on security of the client information but while doing their task of network management SSH is there, Attackers can grab the information about devices information including their password, so the responsible person and network admins should be aware on the security of information which is precious at this ers. Device must be maintained as defined in standard guidelines i.e. SANS/NIST