Port Authority Edition – Internet Vulnerability Profiling
by Steve Gibson,  Gibson Research Corporation.





Goto Port 22
Probe Port 23
Enter Port: 0-65535
Goto Port 24



Port Authority Database

Port 23

Name: 
telnet

Purpose: 
Telnet

Description: 
Telnet is one of the earliest, original protocols of the Internet. A machine offering Telnet services is essentially offering to accept an "across the Internet" remote console terminal connection from any client device. This makes Telnet quite powerful and, without proper security, a significant security concern.

Related Ports: 
161




Background and Additional Information:

Although "user friendly" web browser interfaces are becoming popular and are moving to replace Telnet as a means for network configuration of local and remote devices, Telnet has historically been the means by which routers, firewalls, and all manner of remote Internet devices were configured, updated, and maintained.

A Telnet client program presents a terminal-like window to its user and, when given a remote IP and optional port (port 23 is the default) attempts to connect to the remotely located machine to initiate a Telnet session. Since anyone with access to the network — or Internet — can access the Telnet server running in a device, the user must typically log onto the device with a user name and password.

A significant lack of security is created by devices which ship, by default, with Telnet servers running and with well known default, blank, or obvious user names (such as "Admin") or passwords (such as "password"). This has made Telnet a source of a great deal of security grief through the years.

Due to the tremendous potential for abuse, hackers generally take an immediate interest in any system that is presenting an open Telnet port to the Internet. If our tests have shown an open Telnet port on your system, immediate action should be taken to shut down, protect, or hide this service from the Internet.

The Telnet RFC (the complete specification)

The specification of every nuance and detail of the Telnet protocol, as written by the people who invented it, may be found here:

  http://www.ietf.org/rfc/rfc854.txt

  http://www.faqs.org/rfcs/rfc854.html

Trojan Sightings: ADM worm, Fire HacKer, My Very Own trojan, RTB 666, Telnet Pro, Tiny Telnet Server - TTS, Truva Atl

The entire contents of this page is copyright © 2008 by Gibson Research Corporation.


Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2024 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page