Found it. telnet://route-server.he.net On Nov 11, 2014 6:05 AM, "Javier J" <jav...@advancedmachines.us> wrote:
> I agree with you 100 percent. But my point is. Telnet in and of itself > isn't broken. Not that I would want to leave it open to the world. He.net > has a router you can log into over telnet with no auth. Forgot URL but you > can find it on their site. > On Nov 11, 2014 4:05 AM, "Karl Auer" <ka...@biplane.com.au> wrote: > >> On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote: >> > Is there a vulnerability in telnet to be exploited? If not it might be >> on >> > purpose. I know of switching gear that is publicly accessible via >> telnet. >> >> telnet does not of itself encrypt anything. If you log in somewhere via >> telnet, everything that passes between you and the remote end is passing >> in clear text. That is true for all data sent to you or from you during >> the whole session, but especially for the username and password you may >> have used to log in with. >> >> Unless you have secured the channel by some other means (an encrypted >> tunnel, for example) or you own and control and can vouch for every >> piece of the infrastructure between you and the remote end, using telnet >> is just about the most insecure thing you can do short of mailing stuff >> to yourself on postcards. >> >> Someone who puts a real switch doing real work on the Internet with >> working telnet access is asking to have at least the switch compromised >> very quickly. A plaything, a honeypot, or a teaching tool - maybe. >> Anything else, probably a bad idea. Remember that if I own your switch, >> I own all the data sent to or from any system connected to that >> switch... >> >> Regards, K. >> >> -- >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> Karl Auer (ka...@biplane.com.au) >> http://www.biplane.com.au/kauer >> http://twitter.com/kauer389 >> >> GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 >> Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A >> >> >>