Kind of sad

Javier J javier at
Tue Nov 11 11:07:25 UTC 2014

Found it.

 On Nov 11, 2014 6:05 AM, "Javier J" <javier at> wrote:

> I agree with you 100 percent. But my point is. Telnet in and of itself
> isn't broken. Not that I would want to leave it open to the world.
> has a router you can log into over telnet with no auth. Forgot URL but you
> can find it on their site.
> On Nov 11, 2014 4:05 AM, "Karl Auer" <kauer at> wrote:
>> On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
>> > Is there a vulnerability in telnet to be exploited? If not it might be
>> on
>> > purpose. I know of switching gear that is publicly accessible via
>> telnet.
>> telnet does not of itself encrypt anything. If you log in somewhere via
>> telnet, everything that passes between you and the remote end is passing
>> in clear text. That is true for all data sent to you or from you during
>> the whole session, but especially for the username and password you may
>> have used to log in with.
>> Unless you have secured the channel by some other means (an encrypted
>> tunnel, for example) or you own and control and can vouch for every
>> piece of the infrastructure between you and the remote end, using telnet
>> is just about the most insecure thing you can do short of mailing stuff
>> to yourself on postcards.
>> Someone who puts a real switch doing real work on the Internet with
>> working telnet access is asking to have at least the switch compromised
>> very quickly. A plaything, a honeypot, or a teaching tool - maybe.
>> Anything else, probably a bad idea. Remember that if I own your switch,
>> I own all the data sent to or from any system connected to that
>> switch...
>> Regards, K.
>> --
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> Karl Auer (kauer at
>> GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
>> Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A

More information about the NANOG mailing list