[chousuke]

The article kind of makes it sound like telnet is somehow necessary and that disabling it hasn't been a best practice for years.

Maybe there are still old devices that don't support SSH and you literally have no option, but really, what other reason is there to have telnet enabled?

[6stringmerc]

That's what I was thinking about. On the Cisco support site Telnet gets barely a mention. It is apparently not the flagship feature of these switches and whatnot. Okay maybe it's customary to leave it open but there's a lot of lazy practices that result in bad security, not just headline "vulnerabilities" that affect - gasp - 300+ models!

So, basically I think Ars Technica's sub-par quality strikes again, in that a tech site gets a fundamental understanding of technology wrong. If something isn't mission critical, can be turned off, and alleviates a vulnerability, then that's a way to fix it. Plain fucking English.

[peterwwillis]

No, that is a workaround. Telnet is still broken until they patch the security hole.

[rbanffy]

Please, use an RPi attached to a serial port and SSH through it.