UMN to block inbound Telnet connections
Improved protection from Internet-based attacks
In order to improve protection from Internet-based attacks and align with industry standards, the University of Minnesota will begin blocking inbound Telnet connections on December 28. This is not expected to adversely impact University operations. As a precaution, University Information Security will monitor Telnet activity before and after the change to help ensure there is no negative impact. This block will not apply to outbound Telnet, which will remain unaffected.
Telnet, developed in 1969, is an outdated network communication protocol for remotely accessing computer systems. The authentication and communication methods used by Telnet do not provide protection against eavesdropping, which allows for easy interception and theft of credentials. Telnet has been replaced by more robust communication protocols that utilize security and encryption, such as Secure Shell (SSH). Analysis of Telnet traffic inbound to the University shows no legitimate purpose. Every day, the University detects millions of malicious attempts to access systems over Telnet that are not intended to be accessible from the Internet (printers, lab equipment, Internet of Things (IoT) devices embedded with electronics, software, sensors, and network connectivity, which enable these objects to collect and exchange data, etc.).
Please contact email@example.com with questions or concerns about this matter, or if you receive any reports of University operations being disrupted by the block.