Kind of sad that the state govs don't curtail telnet,,,

[root@bighughness ~]# telnet 167.240.254.155 623
Trying 167.240.254.155...
Connected to external-dns1.state.mi.us (167.240.254.155).
Escape character is '^]'.
Username:root
Password:

Generally speaking it's a bad idea to show you hacking into a server. Makes it too easy to prosecute those who do.
On Mon, Nov 10, 2014 at 3:58 PM, Mike Hale <eyeronic.design@gmail.com> wrote:
That's a far, far cry from hacking...
Maybe in your opinion, but not the opinion of the very same people who were stupid enough to keep telnet open. ...and those same people have armies with guns. So my opinion and your opinion don't really matter. ;)
-A
Aaron C. de Bruyn wrote:
On Mon, Nov 10, 2014 at 3:58 PM, Mike Hale <eyeronic.design@gmail.com> wrote:
That's a far, far cry from hacking...
Maybe in your opinion, but not the opinion of the very same people who were stupid enough to keep telnet open. ...and those same people have armies with guns. So my opinion and your opinion don't really matter. ;)
-A
Not sure I'd be all that worried about state.mi.us's Army.
On the other hand, I might try to sell them some penetration testing and security hardening services :-)
Generally speaking it's best you do what you're good at and this is not it. Exposing there is a window open to a gov agency is not hacking, trust me. I would say go back to fathering children and once you have a few more years under your belt feel free to join in.
On Mon, Nov 10, 2014 at 5:48 PM, Brian Henson <marine64@gmail.com> wrote:
Generally speaking it's a bad idea to show you hacking into a server. Makes it too easy to prosecute those who do.
Ha ya know what they say... Don't ever trust someone that says "trust me..."
-- Jason Hellenthal Mobile: +1 (616) 953-0176 jhellenthal@DataIX.net JJH48-ARIN
On Nov 10, 2014, at 21:43, Joe <jbfixurpc@gmail.com> wrote:
Generally speaking it's best you do what you're good at and this is not it. Exposing there is a window open to a gov agency is not hacking, trust me. I would say go back to fathering children and once you have a few more years under your belt feel free to join in.
On Mon, Nov 10, 2014 at 5:48 PM, Brian Henson <marine64@gmail.com> wrote:
Generally speaking it's a bad idea to show you hacking into a server. Makes it too easy to prosecute those who do.
Is there a vulnerability in telnet to be exploited? If not it might be on purpose. I know of switching gear that is publicly accessible via telnet.
On Mon, Nov 10, 2014 at 10:58 PM, Jason Hellenthal <jhellenthal@dataix.net> wrote:
Ha ya know what they say... Don't ever trust someone that says "trust me..."
-- Jason Hellenthal Mobile: +1 (616) 953-0176 jhellenthal@DataIX.net JJH48-ARIN
On Nov 10, 2014, at 21:43, Joe <jbfixurpc@gmail.com> wrote:
Generally speaking it's best you do what you're good at and this is not it.
Exposing there is a window open to a gov agency is not hacking, trust me. I would say go back to fathering children and once you have a few more years under your belt feel free to join in.
On Mon, Nov 10, 2014 at 5:48 PM, Brian Henson <marine64@gmail.com> wrote:
Generally speaking it's a bad idea to show you hacking into a server. Makes it too easy to prosecute those who do.
On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
Is there a vulnerability in telnet to be exploited? If not it might be on purpose. I know of switching gear that is publicly accessible via telnet.
telnet does not of itself encrypt anything. If you log in somewhere via telnet, everything that passes between you and the remote end is passing in clear text. That is true for all data sent to you or from you during the whole session, but especially for the username and password you may have used to log in with.
Unless you have secured the channel by some other means (an encrypted tunnel, for example) or you own and control and can vouch for every piece of the infrastructure between you and the remote end, using telnet is just about the most insecure thing you can do short of mailing stuff to yourself on postcards.
Someone who puts a real switch doing real work on the Internet with working telnet access is asking to have at least the switch compromised very quickly. A plaything, a honeypot, or a teaching tool - maybe. Anything else, probably a bad idea. Remember that if I own your switch, I own all the data sent to or from any system connected to that switch...
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
I agree with you 100 percent. But my point is. Telnet in and of itself isn't broken. Not that I would want to leave it open to the world. He.net has a router you can log into over telnet with no auth. Forgot URL but you can find it on their site.
On Nov 11, 2014 4:05 AM, "Karl Auer" <kauer@biplane.com.au> wrote:
On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
Is there a vulnerability in telnet to be exploited? If not it might be on purpose. I know of switching gear that is publicly accessible via telnet.
telnet does not of itself encrypt anything. If you log in somewhere via telnet, everything that passes between you and the remote end is passing in clear text. That is true for all data sent to you or from you during the whole session, but especially for the username and password you may have used to log in with.
Unless you have secured the channel by some other means (an encrypted tunnel, for example) or you own and control and can vouch for every piece of the infrastructure between you and the remote end, using telnet is just about the most insecure thing you can do short of mailing stuff to yourself on postcards.
Someone who puts a real switch doing real work on the Internet with working telnet access is asking to have at least the switch compromised very quickly. A plaything, a honeypot, or a teaching tool - maybe. Anything else, probably a bad idea. Remember that if I own your switch, I own all the data sent to or from any system connected to that switch...
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Found it. telnet://route-server.he.net
On Nov 11, 2014 6:05 AM, "Javier J" <javier@advancedmachines.us> wrote:
I agree with you 100 percent. But my point is. Telnet in and of itself isn't broken. Not that I would want to leave it open to the world. He.net has a router you can log into over telnet with no auth. Forgot URL but you can find it on their site.
On Nov 11, 2014 4:05 AM, "Karl Auer" <kauer@biplane.com.au> wrote:
On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
Is there a vulnerability in telnet to be exploited? If not it might be on purpose. I know of switching gear that is publicly accessible via telnet.
telnet does not of itself encrypt anything. If you log in somewhere via telnet, everything that passes between you and the remote end is passing in clear text. That is true for all data sent to you or from you during the whole session, but especially for the username and password you may have used to log in with.
Unless you have secured the channel by some other means (an encrypted tunnel, for example) or you own and control and can vouch for every piece of the infrastructure between you and the remote end, using telnet is just about the most insecure thing you can do short of mailing stuff to yourself on postcards.
Someone who puts a real switch doing real work on the Internet with working telnet access is asking to have at least the switch compromised very quickly. A plaything, a honeypot, or a teaching tool - maybe. Anything else, probably a bad idea. Remember that if I own your switch, I own all the data sent to or from any system connected to that switch...
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
On 11/11/2014 01:05 AM, Karl Auer wrote:
Someone who puts a real switch doing real work on the Internet with working telnet access is asking to have at least the switch compromised very quickly. A plaything, a honeypot, or a teaching tool - maybe. Anything else, probably a bad idea. Remember that if I own your switch, I own all the data sent to or from any system connected to that switch... Regards, K.
How so? Assuming that you're using password auth, the real vulnerability is somebody figuring out the password and owning the box. SSH certainly helps here immensely with rsa auth, but only if you use it. An active MITM attack or passive snooping on telnet streams seems like it would be orders of magnitude less dangerous on a list of threats. SSH is definitely a Good Thing, but it's not a silver bullet.
Mike
On Tue, 2014-11-11 at 07:44 -0800, Michael Thomas wrote:
On 11/11/2014 01:05 AM, Karl Auer wrote:
Someone who puts a real switch doing real work on the Internet with working telnet access is asking to have at least the switch compromised very quickly.
How so? Assuming that you're using password auth, the real vulnerability is somebody figuring out the password and owning the box. SSH certainly helps here immensely with rsa auth, but only if you use it.
Well - yes. That's sort of my point. If you are going to send a password over a network, make sure it's encrypted. Telnet isn't encrypted.
An active MITM attack or passive snooping on telnet streams seems like it would be orders of magnitude less dangerous on a list of threats. SSH is definitely a Good Thing, but it's not a silver bullet.
I didn't say it was. I just said that sending passwords in clear text over the network is a very bad idea. Telnet does that, so using telnet is a very bad idea. Use ssh, and the problem is gone. There are other ways to make the problem disappear, and obviously neither they nor ssh will protect you if you do any of a dozen other silly things.
Don't use telnet access for management of anything valuable unless you own every inch of the path from you to it, or unless you can encrypt the channel via other means.
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
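Added example, not part of the thread: a small audit that flags the condition discussed above, device management lines that still accept telnet logins. It assumes Cisco IOS-style "line vty" / "transport input" syntax and a constructed sample configuration; the function name is hypothetical.

```python
import re

# Constructed sample in Cisco IOS-style syntax (an assumption, not from the thread).
SAMPLE_CONFIG = """\
hostname edge-sw1
!
line con 0
 login local
line vty 0 4
 login local
 transport input telnet ssh
line vty 5 15
 login local
 transport input ssh
!
end
"""

def audit_vty_transport(config_text):
    """Return {vty block header: verdict} for every 'line vty' block.

    Verdicts: 'telnet-allowed', 'ssh-only', 'no-remote-login', 'other',
    or 'unspecified' (no explicit 'transport input', so the platform
    default applies and has to be checked on the device itself).
    """
    findings = {}
    current = None
    for raw in config_text.splitlines():
        if raw and not raw[0].isspace():
            # An unindented line opens a new top-level block.
            current = raw.strip() if raw.startswith("line vty") else None
            if current:
                findings[current] = "unspecified"
            continue
        m = re.match(r"\s+transport input\s+(.+)$", raw)
        if current and m:
            protos = set(m.group(1).split())
            if protos & {"telnet", "all"}:
                findings[current] = "telnet-allowed"   # cleartext logins possible
            elif protos == {"ssh"}:
                findings[current] = "ssh-only"
            elif protos == {"none"}:
                findings[current] = "no-remote-login"
            else:
                findings[current] = "other"
    return findings

if __name__ == "__main__":
    for block, verdict in audit_vty_transport(SAMPLE_CONFIG).items():
        print(f"{block}: {verdict}")
```
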
On Mon, 10 Nov 2014 22:43:09 -0500, Joe <jbfixurpc@gmail.com> wrote:
Generally speaking it's best you do what you're good at and this is not it.
Exposing there is a window open to a gov agency is not hacking, trust me. I would say go back to fathering children and once you have a few more years under your belt feel free to join in.
And you, sir, should consult a lawyer before publicly slinging insults. I'm not a lawyer, but I have worked with one in this area. What you have posted *is* evidence of a crime under the Computer and Fraud Abuse Act. The wording of that law is horrible, but it is what it is; the bar for "unauthorized access" is *very* low. How you found it is irrelevant. You connected to it -- knowing full well you are not authorized -- and proceeded to attempt to log in, even if in jest. (Government agencies have zero sense of humor. And judges have next to no understanding of technology. Merely being charged can be a career killer.)
On 11/10/2014 06:34 PM, Joe wrote:
Kind of sad that the state govs don't curtail telnet,,,
[root@bighughness ~]# telnet 167.240.254.155 623
Trying 167.240.254.155...
Connected to external-dns1.state.mi.us (167.240.254.155).
Escape character is '^]'.
Username:root
Password:

Hopefully a honeypot / synthetic response from an IPS unit....
--
-James
There are thousands of devices out there with vulns that'd make you feel sick to the stomach. You can be a good samaritan and alert the appropriate contacts, but simply bringing it into public doesn't really fix the issue.
On Mon, Nov 10, 2014 at 5:34 PM, Joe <jbfixurpc@gmail.com> wrote:
Kind of sad that the state govs don't curtail telnet,,,
[root@bighughness ~]# telnet 167.240.254.155 623
Trying 167.240.254.155...
Connected to external-dns1.state.mi.us (167.240.254.155).
Escape character is '^]'.
Username:root
Password: