Why Using Telnet in Production Can Get You Reported: Security Rules You Must Know

The article explains why telnet commands are now considered a security violation in many production environments, detailing legal requirements, operator network restrictions, high‑risk scenarios, and concrete examples of prohibited commands and their associated risks.

Liangxu Linux

Background

A colleague was reprimanded for using the telnet command to test a network port in a client’s production environment, highlighting that even routine network‑operation tools are now subject to strict security controls.

Why Telnet Is Deemed a Violation

Rigid security policies

Prohibition of clear‑text protocols: Telnet transmits credentials in plain text, violating Article 21 of the Cybersecurity Law, which requires encrypted data transmission.

Principle of least privilege: Direct access to public assets must go through an approved jump host; Telnet can bypass monitoring systems.

Attack‑signature matching: Scanners such as Nmap use Telnet to probe ports, a behavior that easily triggers IDS rules.

Operator network special requirements

Critical infrastructure: Telecom networks are classified as national critical information infrastructure and must comply with the “Regulations on Security Protection of Critical Information Infrastructure,” which forbid unauthorized external connections.

Boundary control: Core network devices cannot be directly connected to the Internet; testing must be performed via dedicated operation channels (e.g., out‑of‑band management networks).

High‑Risk Scenarios to Avoid

Clear‑text transmission scanning (definitely illegal) Example command:

nc -zv 100.126.43.105 8000

Risks: Unencrypted traffic breaches telecom “Communication Encryption Mandatory Specification” and resembles hacker port‑scanning, triggering IDS alerts.

High‑frequency or large‑scale scanning (definitely illegal) Example command:

for port in {8000..8010}; do nc -zv targetIP $port; done

Risks: Classified as network reconnaissance, violating Article 27 of the Cybersecurity Law; operators often limit requests per second (e.g., ≤5 req/s).

Bypassing audit channels (definitely illegal) Examples:

Running nc directly from a production server without using a jump or bastion host.

Failing to file a work‑order ticket that records the test IP and ports in advance.
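How an audit team might flag the three scenarios above in recorded shell commands, as an added example that is not code from the original article. The bastion name, the source host names, the ticket allowlist and the finding labels are assumptions constructed for illustration; only the target IP and port come from the article.

```python
import re

# Constructed for this example: bastion names and the (ip, port) pairs on a ticket.
BASTIONS = {"bastion01"}
TICKETED = {("100.126.43.105", 8000)}
PROBE_TOOLS = {"telnet", "nc", "ncat", "netcat"}

def expand_ports(spec):
    """Expand '8000', '8000-8010' or '{8000..8010}' into a list of ports."""
    m = re.fullmatch(r"\{?(\d+)(?:\.\.|-)(\d+)\}?", spec)
    if m:
        return list(range(int(m.group(1)), int(m.group(2)) + 1))
    return [int(spec)] if spec.isdigit() else []

def review(host, command):
    """Return the sorted policy findings for one audited shell command line."""
    findings = set()
    # A shell loop such as `for port in {8000..8010}; do ...` binds $port to a range.
    loop = re.search(r"\bfor\s+(\w+)\s+in\s+(\S+?)\s*;", command)
    loop_vars = {"$" + loop.group(1): expand_ports(loop.group(2))} if loop else {}
    for segment in re.split(r"[;|&]+", command):
        argv = [a.strip("'\"") for a in segment.split()]
        tool_at = next((i for i, a in enumerate(argv)
                        if a.rsplit("/", 1)[-1] in PROBE_TOOLS), None)
        args = [] if tool_at is None else [a for a in argv[tool_at + 1:] if not a.startswith("-")]
        if len(args) < 2:           # no explicit host and port: nothing to judge
            continue
        target, spec = args[-2], args[-1]
        ports = loop_vars.get(spec) or expand_ports(spec)
        findings.add("probe-tool")                      # telnet/nc used at all
        if host not in BASTIONS:
            findings.add("not-from-bastion")            # bypasses the audit channel
        if len(ports) > 1:
            findings.add("multi-port-scan")             # looks like reconnaissance
        if not ports or any((target, p) not in TICKETED for p in ports):
            findings.add("no-ticket")                   # target not filed in advance
    return sorted(findings)

# Constructed audit records: (source host, command line).
SAMPLES = [
    ("bastion01", "nc -zv 100.126.43.105 8000"),
    ("app-prod-07", "for port in {8000..8010}; do nc -zv 100.126.43.105 $port; done"),
    ("app-prod-07", "ssh ops@bastion01"),
]

if __name__ == "__main__":
    for host, cmd in SAMPLES:
        print(host, cmd, review(host, cmd))
```

Commands that name no explicit host and port (for example telnet relying on its default port) are skipped by this sketch and would need their own rule.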

Additional Restrictions

Clients may also forbid the use of privileged commands such as root, rm, mv, or even editing logs with vim. Understanding and adhering to these rules helps avoid compliance breaches and unnecessary reprimands.
