Telnet.Default.Credentials
Description
This indicates an attempt to login telnet using system default credentials.
This signature checks for common default telnet username and passwords that are hard coded in IoT devices. Malware such Mirai sometimes scans for open telnet ports and attempts to login using these default credentials.
Affected Products
Any telnet server that accepts the default credentials.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Monitor the traffic from that network for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |