On January 14, 2026, global telnet traffic observed by GreyNoise sensors fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.
The pattern points toward one or more North American Tier 1 transit providers implementing port 23 filtering
I share the author’s nostalgia for Telnet, as a kid who spent many lost hours trying to telnet into “interesting things” at the dawn of the internet. It is, however, long past time for the protocol to die and force ancient and insecure things to be retired. Thus might just do it.
I remember using telnet on a Palm Pilot, linked to the internet via IRDA to my (pre-smart) cell phone to log into my companies’ server to fix something while I was on holidays.
We had a transmitter on our building for satalite backhaul. I used to have fun using it to telnet into various stuff in orbit.
You’d be surprise at how many times they didn’t even bother with credentials.
Indeed, it’s amazing how much stuff was / is out there in the open.
Hobbyist use of unencrypted protocols like telnet can be very educational, and the other commenter is right that not everything needs to be encrypted, especially within the confines of a homelab, for instance.
My support for ending telnet use is much more about things like IoT systems, industrial hardware and so on talking in the clear and being vulnerable to compromise.
This isn’t about telnet, per se, but is a good example of the problem: https://news.satnews.com/2026/02/04/russia-intercepts-europes-key-satellites-placing-nato-satellite-at-risk/
But telnet is just a bidirectional TCP connection. You can run any terminal emulation you want over it, and run it on any port you want.
The telnetd service on the other hand… that has no reason to still be internet-facing.
Good point. I was referring more to telnetd as an unencrypted client-server protocol, typically to port 23. Often unauthenticated, ripe for MITM attacks.
That needs to end.
Hopefully nobody uses it for actual remote system access anymore, but it’s still a great protocol (well… “great” with some caveats) for things like MUDs and BBSes and other toys. I’m pretty sure you can even use it for IRC or IMAP or HTTP if you know what you’re doing. Is it secure? Of course not. That’s why we use modern protocols using SSL or TLS when we need security. But we don’t always need security.
Sure, telnet is not secure. But neither is, say, Minecraft. Because it’s a game. It’s not that important and in some ways it’s actually frustrating. There are pros and cons. It sucks if people are cheating or you get griefed or you get your account hacked or some other shit hacked, oh well, it’s a game, all you need to do is go outside and touch some grass about it. Not everything in life needs to be bank-vault secure. Sometimes it’s fun to just play around with raw text that doesn’t have ironclad security rules and certificates and key renegotiation guardrails built around it. Just go spew some text at some other protocol and see what it says. It’s fun and educational. I love telnet.
I used to debug POP3 issues by going through sessions one line at a time via telnet. Occasionally HTTP sessions too.
I used to send messages by hand over SMTP using a telnet client.
Any reason to pick that over netcat though?
These days, not really, except that netcat has wider capabilities and so often triggers security alarms when used.