DETECTION OVERVIEW

Telnet Password

Risk Factors

While Telnet is an older and vulnerable protocol, it is often enabled by default. Brute force attacks are low cost and relatively easy to perform, so they are common. If an attacker gains entry to your network through a poorly-secured workstation, it can lead to further exploits of higher-value assets. It is worth your time to secure workstations by adding strict password requirements.

The system might change the risk score for this detection.

Kill Chain

Exploitation

Risk Score

—

Attack Background

Brute force attacks can occur manually through trial and error or with password cracking tools. The attacker makes repeated attempts to try all possible variations of a password. There are variations of a brute force attack that include a dictionary attack, where the attacker tests a large number of common passwords. Brute force attacks can also occur through a small number of attempts across a large number of hosts or password spraying, where a small list of common passwords are attempted across a large number of accounts.

Mitigation Options

Disable Telnet entirely and switch to secure shell (SSH)

If you cannot disable Telnet, limit the number of login attempts, enforce a strong password policy, isolate your Telnet server from other devices, and restrict connections to the local network

Professional Services

Partners

Partner Login

Partner Finder

View All Use Cases

View All Industries

View All Integrations

Attack Background

Mitigation Options

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use cases