Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
While Telnet is an older and vulnerable protocol, it is often enabled by default. If an attacker gains access to a poorly-secured Telnet device, they can easily transfer data. Unusual data transfers can be associated with risky activity such as sharing malicious files between compromised devices or data staging. Data staging is the process of collecting and preparing data for exfiltration. Depending on the sensitivity of the transferred files, the impact can be devastating if important, proprietary, or customer data is leaked.
The system might change the risk score for this detection.
Kill Chain
Risk Score
60
N/A
Implement strict rules for outbound traffic on devices that contain valuable data
Track suspicious activity by implementing strict audit controls on important documents
Disable Telnet unless required
If you cannot disable Telnet, limit the number of login attempts and enforce a strong password policy
Configure a firewall to block untrusted IP addresses from accessing devices that have Telnet enabled
Implement strict access controls to devices that have Telnet enabled
