Monthly Archives: November 2016

IoT (Internet-of-Things) and Port 23

Greetings…

Yes, I know…it has been a long time since my last post. Sorry…I’ve been busy.

This afternoon, I was doing some configuration work on one of my Internet facing routers, and I noticed a large amount of scanning, looking for an open Telnet port (scanning for ports 23 and 2323)…take a look…

A lot of "knocking" on ports 23 and 2323

A lot of “knocking” on ports 23 and 2323

I was wondering if it was just this router, so I checked several other routers on my network and they are all seeing exactly the same thing, and it all started at roughly the same time. VERY interesting! (Note…you may notice that there are two different ACL’s involved…that’s because I have two Internet facing ports…a primary circuit and a backup circuit, each with their own custom ACL.)

This activity might be related to the recent Mirai malware attacks on the “Internet of Things” (IoT), and the use of port 23 for C&C (Command & Control) traffic.  Hard to say really…maybe it’s just ET trying to phone home…

Have a great day!!