I am surprised at how many networks I run across that still have telnet and plain old HTTP not only enabled, but as the only way to manage these devices. This really is an easy change and in my experience doesn’t have any drawbacks, so why do people still have these enabled on their network? Why are device manufacturers allowing these as options in new devices being configured?
The reason I bring this up today is that unless you are living under a rock (and if you are, I am sorry), you have heard about WikiLeaks providing information on a huge number of network vulnerabilities that are, and have been, on many of the devices we have in our corporate networks. Cisco has now released a listing of devices (the first of many, I am sure) and details of the cause. Surprise! If these devices are in your network and have telnet enabled, you have a big problem on your hands! If you still have devices managed by telnet, even if they are not Cisco, you need to stop reading this post and get to planning some changes!
This is probably the first of many security exploits we will see in the coming weeks. If you have equipment on this list, I would start planning firmware upgrades for the short term, and refreshes for the long term!
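To find the devices that still accept telnet or plain HTTP for management, here is an added example (not from the original post): a Python check that reads an IOS-style running-config and flags vty lines permitting telnet and an enabled `ip http server`. The sample config is constructed, and reporting a missing `transport input` line as "verify" is an assumption, since the default differs between software releases.

```python
import re

# Constructed sample of an IOS-style running-config (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-sw-01
ip http server
no ip http secure-server
!
line con 0
line vty 0 4
 login local
 transport input telnet ssh
line vty 5 15
 login local
 transport input ssh
!
end
"""

def audit_mgmt_plane(config):
    """Return a list of findings for cleartext management access."""
    findings = []
    vty = None        # header of the vty block being parsed, if any
    transport = None  # protocols named on its 'transport input' line

    def close_vty():
        if vty is None:
            return
        if transport is None:
            # Assumption: the default is release-dependent, so ask for a check.
            findings.append(f"{vty}: no 'transport input' set, verify default")
        elif {"telnet", "all"} & set(transport):
            findings.append(
                f"{vty}: telnet permitted (transport input {' '.join(transport)})")

    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):   # a top-level line ends any open block
            close_vty()
            vty, transport = None, None
            if re.match(r"line vty \d+", line):
                vty = line
            elif line == "ip http server":
                findings.append("ip http server: plain HTTP management enabled")
        elif vty and line.strip().startswith("transport input "):
            transport = line.split()[2:]
    close_vty()
    return findings

if __name__ == "__main__":
    print("\n".join(audit_mgmt_plane(SAMPLE_CONFIG)))
```

An empty result means every vty block explicitly restricts `transport input` to protocols other than telnet and the plain HTTP server is off.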