Learn more about Telnet, it's risks, and how to help your client properly secure their infrastructure.
Telnet is an early application protocol, the presence of which triggers an alert from Corvus when identified on a policyholder's IT system. Click here to learn about dynamic security alerts.
Publicly available Telnet service can leave your clients vulnerable to data leaks of information like usernames and passwords. Because Telnet is one of the earliest remote login protocols on the Internet, initially released in 1969, it provides no built-in security measures and suffers from serious security issues. The use of Telnet over the public Internet should be avoided due to the risk of exposing usernames and passwords to the attacker, and increasing the likelihood of exploitation.
Best Practices for Securing Telnet
Replacing insecure Telnet with Secure Shell (SSH) is the ideal resolution. We recommend that your clients take the following steps to address their Telnet vulnerability.
- Work with their IT team to investigate the vulnerability
- Implement SSH (Secure Shell) as a secure alternative to Telnet
- Let Corvus know that the vulnerability has been resolved or mitigated by emailing firstname.lastname@example.org. We're also here to answer questions about how to resolve an issue.