Last updated at Thu, 19:22:33 GMT

What is Telnet?

Telnet is one of the oldest network protocols used on the internet and on local area networks. It provides a bidirectional, interactive, text-oriented communication facility over a virtual terminal connection. Telnet was developed in 1969 and is still widely used today for configuring network devices.

Telnet typically uses Transmission Control Protocol (TCP) port 23, but a Telnet service can be bound to any TCP port, including ports such as 80 or 8080 that are normally associated with other services. This matters when you try to detect Telnet on your network: you cannot simply look for devices listening on TCP port 23, you have to recognise the protocol itself, whatever port it rides on.

Why worry about Telnet network traffic?

Because Telnet is an unencrypted protocol, session traffic reveals the command line interface (CLI) command sequences appropriate for the make and model of the device. Anyone who can capture the traffic sees the login procedure, the user credentials as they are typed, the commands used to display the boot or running configuration, file copies, and the creation or destruction of GRE tunnels, among other things.

A briefing from the U.K.-based National Cyber Security Centre (NCSC) recommends that you check your network for any devices running unencrypted management protocols such as:

- Hypertext Transfer Protocol (HTTP, port 80).
- Simple Network Management Protocol (SNMP, ports 161/162).

If these services are in use, the NCSC recommends the following:

- Do not allow unencrypted (i.e., plaintext) management protocols (e.g., Telnet) to enter an organization from the internet.
- When encrypted protocols such as SSH, HTTPS, or TLS are not possible, management activities from outside the organization should be done through an encrypted Virtual Private Network (VPN) where both ends are mutually authenticated.
- Do not allow internet access to the management interface of any network device.
- The best practice is to block internet-sourced access to the device management interface and restrict device management to an internal, trusted and whitelisted host or LAN.
- If access to the management interface cannot be restricted to an internal trusted network, restrict remote management access to an encrypted VPN where both ends are mutually authenticated.
- Whitelist the network or host from which the VPN connection is allowed, and deny all others.
- Where possible, use modern encrypted protocols such as SSH and SNMPv3. Disable legacy unencrypted protocols such as Telnet and SNMPv1 or v2c.
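To make the two points above concrete (that Telnet must be recognised by its protocol rather than by port 23, and that an unencrypted session hands an eavesdropper the login and the credentials), here is an added example. It is not code from the original post or from any product it mentions. It keys on the RFC 854 option negotiation (IAC WILL/WONT/DO/DONT) that every Telnet endpoint sends when a session starts, flags any TCP stream that opens that way regardless of port, and then strips the negotiation from a captured session to show exactly what a passive observer recovers. The segment format, the prompt strings it matches, and the hostname, usernames and passwords in the sample capture are all constructed assumptions for the example.

```python
"""Port-independent Telnet detection and cleartext recovery.

Added example, not code from the original post. It works on the payload
bytes of a TCP stream in capture order (what a sensor hands over once the
stream is reassembled) and relies on RFC 854 option negotiation, so the
destination port is irrelevant. Every sample payload is constructed.
"""
from __future__ import annotations

IAC, SE, SB, WILL, WONT, DO, DONT = 0xFF, 0xF0, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE
NEGOTIATE = {WILL, WONT, DO, DONT}
# prompt text -> label, matched case-insensitively at the end of server output
PROMPTS = {"username:": "Username", "login:": "Username", "password:": "Password"}


def split_telnet(payload: bytes) -> tuple[list[tuple[int, int]], bytes]:
    """Separate IAC negotiation from user data.

    Returns (options, text): options holds (verb, option) pairs from
    WILL/WONT/DO/DONT commands; text is the payload with every IAC sequence
    removed (subnegotiation skipped, the escape IAC IAC kept as one 0xFF).
    """
    options: list[tuple[int, int]] = []
    text = bytearray()
    i, n = 0, len(payload)
    while i < n:
        b = payload[i]
        if b != IAC:
            text.append(b)
            i += 1
        elif i + 1 >= n:              # escape cut off at segment end
            break
        elif payload[i + 1] == IAC:   # IAC IAC is a literal 0xFF data byte
            text.append(IAC)
            i += 2
        elif payload[i + 1] in NEGOTIATE:
            if i + 2 >= n:
                break
            options.append((payload[i + 1], payload[i + 2]))
            i += 3
        elif payload[i + 1] == SB:    # skip subnegotiation up to IAC SE
            end = payload.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                break
            i = end + 2
        else:                         # other two-byte command (NOP, GA, ...)
            i += 2
    return options, bytes(text)


def looks_like_telnet(first_bytes: bytes, min_options: int = 2) -> bool:
    """A stream whose opening bytes carry two or more option negotiations is
    Telnet whatever port it uses; a lone 0xFF can occur by chance in binary
    data, repeated WILL/DO/... sequences essentially never do."""
    options, _ = split_telnet(first_bytes[:64])
    return len(options) >= min_options


def _pop_lines(buf: bytearray) -> list[bytes]:
    """Remove and return complete lines; Telnet ends a line with CR LF (or
    CR NUL) and interactive clients may deliver it one byte per packet."""
    lines = []
    while (cr := buf.find(b"\r")) >= 0:
        lines.append(bytes(buf[:cr]).lstrip(b"\n\x00"))
        del buf[: cr + 1]
    return lines


def recover_session(segments: list[tuple[str, bytes]]) -> dict:
    """Rebuild the cleartext of a captured session from (direction, payload)
    segments, direction being "c2s" or "s2c". Returns the server transcript,
    the client's typed lines, and (label, value) pairs for every line the
    client typed in answer to a login or password prompt."""
    server, client_buf = bytearray(), bytearray()
    client_lines: list[str] = []
    creds: list[tuple[str, str]] = []
    pending = None
    for direction, payload in segments:
        _, text = split_telnet(payload)
        if direction == "s2c":
            server += text
            tail = text.rstrip().lower()
            pending = next((lbl for p, lbl in PROMPTS.items()
                            if tail.endswith(p.encode())), pending)
        else:
            client_buf += text
            for raw in _pop_lines(client_buf):
                line = raw.decode("latin-1")
                client_lines.append(line)
                if pending:
                    creds.append((pending, line))
                    pending = None
    return {"server": server.decode("latin-1"),
            "client_lines": client_lines, "credentials": creds}


# Constructed capture: a router's Telnet service listening on TCP/8080, not 23.
SAMPLE_SESSION = [
    ("s2c", b"\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f"),  # WILL ECHO, WILL SGA, DO TTYPE, DO NAWS
    ("c2s", b"\xff\xfd\x01\xff\xfd\x03\xff\xfb\x18\xff\xfb\x1f"),
    ("c2s", b"\xff\xfa\x18\x00xterm\xff\xf0"),                      # SB TERMINAL-TYPE IS "xterm" SE
    ("s2c", b"\r\nUser Access Verification\r\n\r\nUsername: "),
    ("c2s", b"admin\r\n"),
    ("s2c", b"admin\r\nPassword: "),
    ("c2s", b"Winter2024!\r\n"),
    ("s2c", b"\r\nedge-rtr>"),
    ("c2s", b"enable\r\n"),
    ("s2c", b"enable\r\nPassword: "),
    ("c2s", b"s3cret\r\n"),
    ("s2c", b"\r\nedge-rtr#"),
    ("c2s", b"show running-config\r\n"),
]

if __name__ == "__main__":
    print("telnet on 8080:", looks_like_telnet(SAMPLE_SESSION[0][1]))
    result = recover_session(SAMPLE_SESSION)
    for label, value in result["credentials"]:
        print(f"{label}: {value}")
    print("commands:", result["client_lines"])
```

The detector deliberately ignores the port and only counts negotiation in the first 64 bytes, which is where a real session always carries it; an HTTP request or a binary file that happens to contain a stray 0xFF does not trip it. The recovery routine shows the other side of the page's argument: with the negotiation removed, the login password and the enable password are sitting in the clear alongside the commands that follow.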
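As an added example of turning the NCSC recommendations into a repeatable check (not code from the original post or from the NCSC), the script below audits a router configuration for Telnet on the vty lines, plaintext HTTP management, SNMPv1/v2c community strings and a missing management access list, and shows the weak configuration beside its hardened counterpart. The command syntax is Cisco IOS-style; both sample configurations, including the hostname, ACL name, SNMP group and the credentials in them, are constructed for the example.

```python
"""Audit an IOS-style device configuration for the plaintext management
services the NCSC guidance says to look for, and for whether management
access is restricted to a whitelisted host or LAN.

Added example, not code from the original post or from the NCSC. The
command syntax is Cisco IOS-style and both configurations below are
constructed for the example.
"""
from __future__ import annotations

import re


def _vty_blocks(lines: list[str]):
    """Yield the indented body of each 'line vty ...' block as a list of
    commands (IOS nests a line's settings under it with one leading space)."""
    body = None
    for line in lines:
        if line.startswith("line vty"):
            if body is not None:
                yield body
            body = []
        elif body is not None:
            if line.startswith(" "):
                body.append(line.strip())
            else:
                yield body
                body = None
    if body is not None:
        yield body


def audit_config(config: str) -> list[tuple[str, str]]:
    """Return (code, message) findings; an empty list means the config meets
    the checks: SSH-only vty lines guarded by an access-class, no plaintext
    HTTP server, no SNMPv1/v2c community strings."""
    lines = [l.rstrip() for l in config.splitlines() if l.strip() and l.strip() != "!"]
    findings: list[tuple[str, str]] = []

    for idx, body in enumerate(_vty_blocks(lines)):
        transports: set[str] = set()
        for cmd in body:
            m = re.match(r"transport input (.+)", cmd)
            if m:
                transports |= set(m.group(1).split())
        if not transports:
            findings.append(("VTY_TRANSPORT_UNSET",
                             f"vty block {idx}: 'transport input' not set; the platform default "
                             "may accept Telnet, set 'transport input ssh' explicitly"))
        elif transports & {"telnet", "all"}:
            findings.append(("TELNET",
                             f"vty block {idx}: Telnet accepted ('transport input "
                             f"{' '.join(sorted(transports))}'); use 'transport input ssh'"))
        if not any(re.match(r"access-class \S+ in", cmd) for cmd in body):
            findings.append(("VTY_NO_ACL",
                             f"vty block {idx}: no 'access-class <acl> in'; management sessions "
                             "are accepted from any source, restrict them to the management LAN"))

    for line in lines:
        m = re.match(r"snmp-server community (\S+)", line)
        if m:
            findings.append(("SNMP_V1V2C",
                             f"SNMPv1/v2c community '{m.group(1)}' configured; replace with an "
                             "SNMPv3 authPriv user and remove the community"))
        if line == "ip http server":
            findings.append(("HTTP", "plaintext HTTP management enabled; use 'no ip http server' "
                                     "and, if web management is needed, 'ip http secure-server'"))
    return findings


# Constructed: the weak configuration the guidance warns about.
WEAK_CONFIG = """\
hostname edge-rtr
!
snmp-server community public RO
snmp-server community private RW
!
ip http server
!
line vty 0 4
 transport input all
 login local
!
"""

# Constructed: the same device after applying the recommendations.
HARDENED_CONFIG = """\
hostname edge-rtr
!
ip access-list standard MGMT-HOSTS
 permit 10.0.10.0 0.0.0.255
!
snmp-server group NETMON v3 priv
snmp-server user monitor NETMON v3 auth sha AuthPassw0rd priv aes 128 PrivPassw0rd
!
no ip http server
ip http secure-server
!
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
 login local
!
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}: {len(audit_config(cfg))} finding(s)")
        for code, msg in audit_config(cfg):
            print(f"  [{code}] {msg}")
```

Run against the weak configuration the audit reports Telnet on the vty lines, no access-class, two community strings and the HTTP server; the hardened configuration, which whitelists the management subnet with an access-class, allows SSH only, moves monitoring to SNMPv3 authPriv and keeps only the HTTPS server, produces no findings. A vty block with no `transport input` at all is reported separately, because the default differs between platforms and should never be relied on.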