Labsco
PetePeter logo

Telnet MCP Server

โ˜… 1

from PetePeter

A secure telnet client for LLM applications, designed for defensive security analysis of network devices.

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅโœ“ VerifiedFreeQuick setup

Telnet MCP Server

A Model Context Protocol (MCP) server that provides secure telnet client capabilities for Claude Code and other LLM applications. Designed for defensive security analysis of network devices.

Features

  • Secure Telnet Client: Connect to router devices with command filtering
  • MCP Protocol Support: Full JSON-RPC 2.0 compliance for Claude Code integration
  • Security Features: Command filtering, audit logging, session management
  • Router Management: Support for multiple concurrent router connections
  • Comprehensive Logging: Detailed audit trail for compliance and security

Available Tools

telnet_connect

Connect to a router device.

Parameters:

  • host (required): Router IP address
  • port (optional): Telnet port (default: 23)
  • timeout (optional): Connection timeout in seconds (default: 30)

telnet_execute_command

Execute a command on connected router.

Parameters:

  • host (required): Router IP address
  • command (required): Command to execute
  • timeout (optional): Command timeout in seconds (default: 10)

telnet_disconnect

Disconnect from router device.

Parameters:

  • host (required): Router IP address
  • port (optional): Telnet port (default: 23)

Security Features

Command Filtering

The server uses a blacklist security model that allows most commands while blocking only dangerous operations:

Security Approach:

  • โœ… Default Allow: All commands are permitted by default
  • โŒ Minimal Blacklist: Only dangerous commands are blocked
  • ๐Ÿ” Full Audit: All commands are logged regardless of status

Allowed Commands (Examples):

  • File operations: cat, head, tail, more, less, grep, find
  • System info: ls, ps, top, df, free, uptime, whoami
  • Network tools: ping, traceroute, nslookup, dig, netstat
  • Router commands: show version, show config, show interfaces, etc.
  • Text processing: awk, sed, sort, uniq, wc, cut

Blocked Commands:

  • Configuration: configure, config, write memory, wr
  • Destructive: delete, del, erase, format, factory-reset
  • System control: reload, reboot, restart, shutdown, halt, reset
  • Firmware: boot (with space), upgrade, update

Audit Logging

All activities are logged to the audit file with timestamps:

  • Connection events
  • Command executions
  • Security violations
  • Error conditions

Development

Building

go build -o telnet-mcp-server

Testing

go test ./...

Running in Development

go run main.go

Security Considerations

  • This tool is designed for defensive security analysis only
  • All communications are logged for audit purposes
  • Command filtering prevents destructive operations
  • Use only on trusted internal networks
  • Review audit logs regularly for security monitoring

License

MIT License - See LICENSE file for details.

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Add tests if applicable
  5. Submit a pull request

Support

For issues and questions:

  • Check the troubleshooting section
  • Review audit logs
  • Open an issue on GitHub