David Bombal

1.2M Exposed: WHY Port 23 Is a Nightmare

The video highlights that more than 1.2 million internet‑connected devices still run Telnet on port 23, a legacy protocol widely considered insecure. Using the Showdan scanning platform, the creator demonstrates how easily these exposed services can be discovered, underscoring a gap between perceived network hygiene and reality. The scan reveals roughly 344,000 Chinese devices, 72,000 in the United States, 117,000 in Brazil, and tens of thousands elsewhere that accept Telnet connections. Even Linux‑based systems are not immune; about 12,000 Linux hosts, including Debian and Ubuntu servers, appear online with Telnet enabled. The data illustrates a persistent global footprint of vulnerable legacy services. The presenter cites comments like “Who still runs Telnet?” and counters them with “Hold my beer,” emphasizing that the threat is not theoretical. Real‑world examples include an IP camera in Canada, a Cisco‑type router in the Philippines, and a Debian server in Italy, all publicly reachable via port 23. He stresses ethical boundaries, refusing to exploit the devices himself. For enterprises and IoT operators, the findings signal an urgent need to audit network inventories, disable unnecessary services, and enforce strict firewall rules. Leaving Telnet open invites automated scanners and opportunistic attackers, potentially leading to credential theft, ransomware deployment, or broader supply‑chain compromise.