Asia Struggles to Block Telnet Traffic
These articles are AI-generated summaries. Please check the original sources for full details.
Telnet Continues to Be Major Issue for Asia
The recent critical vulnerability in the GNU InetUtils telnet server has highlighted the risks posed by the outdated Telnet protocol. Many devices and consumer-grade routers in the Asia-Pacific region continue to use it, despite a recent 83% decline in average Telnet traffic globally. According to data from GreyNoise, a threat intelligence firm, Taiwan blocked 77% of Telnet sessions, while other countries in the region saw smaller decreases: India, Japan, and China blocked 70%, 65%, and 59% of Telnet traffic, respectively.
Why This Matters
The persistence of Telnet traffic in the Asia-Pacific region shows that many organizations and individuals are slow to adopt more secure protocols such as SSH, and that the ideal model of a secure network is often not implemented in practice. The result is significant security risk and potential cost: the Shadowserver Foundation estimates that there are 839,000 active Internet addresses globally with an accessible Telnet device, about half of them in the Asia-Pacific region.
Key Insights
- 83% decline in average Telnet traffic globally, according to GreyNoise data: this decline was observed in a three-hour period on January 14, with Telnet traffic dropping from about 65,000 sessions per hour to 11,000 sessions per hour.
- Telnet traffic blocked by governments: Taiwan blocked 77% of Telnet sessions, India stopped 70%, Japan curtailed 65%, and China filtered 59%, according to GreyNoise data.
- Use of SSH as a secure alternative to Telnet: SSH is a more secure protocol that should be used instead of Telnet, according to Piotr Kijewski, CEO of the Shadowserver Foundation.
Working Example
# Example of how to scan for open Telnet ports using Nmap
nmap -sT -p 23 <target_IP>
Practical Applications
- Use Case: Organizations in the Asia-Pacific region, such as those in Taiwan, can reduce the risk of cyber attacks by implementing firewalls and intrusion detection systems that detect and block Telnet traffic.
- Pitfall: Failing to block Telnet traffic leaves devices open to compromise by attackers and to the spread of malware, as seen in the case of the Mirai botnet.
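An open port 23 alone does not show that a device speaks Telnet, and Telnet can answer on other ports. The following added example, not part of the original article, classifies a service on a host you administer by the RFC 854 option negotiation it sends; the function names, labels and sample banner are assumptions made for illustration.

```python
import socket
# Telnet command bytes (RFC 854)
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NEGOTIATION = {DO: "DO", DONT: "DONT", WILL: "WILL", WONT: "WONT"}
SAMPLE_BANNER = bytes([IAC, DO, 24, IAC, WILL, 1]) + b"login: "  # constructed sample

def parse_negotiation(data: bytes):
    """Split a buffer into Telnet option commands and the remaining payload."""
    commands, text, i = [], bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            text.append(data[i])
            i += 1
        elif i + 1 >= len(data):
            break                                  # truncated command
        elif data[i + 1] == IAC:                   # escaped 0xFF data byte
            text.append(IAC)
            i += 2
        elif data[i + 1] in NEGOTIATION:
            if i + 2 >= len(data):
                break                              # option byte missing
            commands.append((NEGOTIATION[data[i + 1]], data[i + 2]))
            i += 3
        elif data[i + 1] == SB:                    # skip subnegotiation up to IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                break
            i = end + 2
        else:
            i += 2                                 # NOP, GA and other 2-byte commands
    return commands, bytes(text)

def classify(first_bytes: bytes) -> str:
    commands, text = parse_negotiation(first_bytes)
    if commands:
        return "telnet"                            # server opened with option negotiation
    if text.startswith(b"SSH-"):
        return "ssh"                               # SSH identification string
    return "unknown" if first_bytes else "silent"

def audit_host(host: str, port: int = 23, timeout: float = 3.0) -> str:
    """Connect to a host from your own inventory and label what answers."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            try:
                return classify(conn.recv(256))
            except OSError:
                return "silent"                    # connected, no data (timeout or reset)
    except OSError:
        return "unreachable"                       # closed, filtered or timed out
```

Run `audit_host` over an asset inventory and treat every `telnet` result as a device to migrate to SSH or to place behind a filter.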