Overview
- Terrace Networks reports no evidence of new core ISP port 23 filtering and says Telnet traceroutes succeeded for 55 of 56 allegedly affected autonomous systems.
- Its review shows continued, non-spoofable Telnet connections from networks GreyNoise flagged, and it cross-checked trends against open data sources like Dataplane.org.
- GreyNoise had earlier documented a sharp January 14 collapse in observed Telnet sessions and proposed an unverified theory of Tier 1 transit filtering ahead of the January 20 CVE disclosure.
- Terrace argues the GreyNoise signal may reflect measurement artifacts or scanners avoiding GreyNoise sensors and recommends evaluating unique sources and completed handshakes over raw session counts.
- The vulnerability at issue, CVE-2026-24061 in GNU InetUtils telnetd, carries a 9.8 CVSS score and was publicly disclosed on January 20, with operators named by GreyNoise not publicly confirming any filtering actions.