Telnet MCP Server
A secure telnet client for LLM applications, designed for defensive security analysis of network devices.
Telnet MCP Server
A Model Context Protocol (MCP) server that provides secure telnet client capabilities for Claude Code and other LLM applications. Designed for defensive security analysis of network devices.
Features
- Secure Telnet Client: Connect to router devices with command filtering
- MCP Protocol Support: Full JSON-RPC 2.0 compliance for Claude Code integration
- Security Features: Command filtering, audit logging, session management
- Router Management: Support for multiple concurrent router connections
- Comprehensive Logging: Detailed audit trail for compliance and security
Quick Start
Prerequisites
- Go 1.21 or later
- Claude Code or compatible MCP client
- Network access to target router devices
Installation
- Clone and build:
git clone <repository>
cd telnet-mcp-server
go mod tidy
go build -o telnet-mcp-server
- Configure Claude Code:
# Copy example configuration
cp claude_config_example.json ~/.config/claude-code/config.json
- Run with Claude Code:
claude-code
Configuration
Claude Code Integration
Add to your Claude Code configuration:
{
"mcpServers": {
"telnet-proxy": {
"transport": "stdio",
"command": "./telnet-mcp-server",
"env": {
"ROUTER_IPS": "10.98.1.131,10.98.1.171",
"LOG_LEVEL": "info"
}
}
}
}
Environment Variables
ROUTER_IPS: Comma-separated list of allowed router IP addressesLOG_LEVEL: Logging level (debug, info, warn, error)AUDIT_LOG_PATH: Path to audit log file (default: /tmp/telnet-mcp-audit.log)
Available Tools
telnet_connect
Connect to a router device.
Parameters:
host(required): Router IP addressport(optional): Telnet port (default: 23)timeout(optional): Connection timeout in seconds (default: 30)
telnet_execute_command
Execute a command on connected router.
Parameters:
host(required): Router IP addresscommand(required): Command to executetimeout(optional): Command timeout in seconds (default: 10)
telnet_disconnect
Disconnect from router device.
Parameters:
host(required): Router IP addressport(optional): Telnet port (default: 23)
Security Features
Command Filtering
The server uses a blacklist security model that allows most commands while blocking only dangerous operations:
Security Approach:
- ✅ Default Allow: All commands are permitted by default
- ❌ Minimal Blacklist: Only dangerous commands are blocked
- 🔍 Full Audit: All commands are logged regardless of status
Allowed Commands (Examples):
- File operations:
cat,head,tail,more,less,grep,find - System info:
ls,ps,top,df,free,uptime,whoami - Network tools:
ping,traceroute,nslookup,dig,netstat - Router commands:
show version,show config,show interfaces, etc. - Text processing:
awk,sed,sort,uniq,wc,cut
Blocked Commands:
- Configuration:
configure,config,write memory,wr - Destructive:
delete,del,erase,format,factory-reset - System control:
reload,reboot,restart,shutdown,halt,reset - Firmware:
boot(with space),upgrade,update
Audit Logging
All activities are logged to the audit file with timestamps:
- Connection events
- Command executions
- Security violations
- Error conditions
Usage Examples
Basic Router Analysis
# In Claude Code
Connect to router 10.98.1.131 and analyze its configuration for security vulnerabilities.
Network Discovery
# In Claude Code
Map the network topology by connecting to both routers and examining their routing tables.
Security Audit
# In Claude Code
Perform a comprehensive security audit of router 10.98.1.171, checking for default passwords, insecure protocols, and misconfigurations.
Development
Building
go build -o telnet-mcp-server
Testing
go test ./...
Running in Development
go run main.go
Security Considerations
- This tool is designed for defensive security analysis only
- All communications are logged for audit purposes
- Command filtering prevents destructive operations
- Use only on trusted internal networks
- Review audit logs regularly for security monitoring
Troubleshooting
Connection Issues
- Verify network connectivity to target devices
- Check firewall rules and port accessibility
- Ensure telnet service is running on target devices
- Review timeout settings in configuration
Command Execution Problems
- Check command syntax for your router type
- Verify command is in allowed list
- Review audit logs for blocked commands
- Ensure proper session state
Claude Code Integration
- Verify MCP server configuration path
- Check environment variables
- Review Claude Code logs for MCP errors
- Ensure server binary has execute permissions
License
MIT License - See LICENSE file for details.
Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
Support
For issues and questions:
- Check the troubleshooting section
- Review audit logs
- Open an issue on GitHub
Related Servers
Email sending MCP
Sends emails using the Resend API. Requires a Resend API key.
Multi Chat MCP Server (Google Chat)
Connect AI assistants like Cursor to Google Chat and beyond — enabling smart, extensible collaboration across chat platforms.
Say MCP Server
A server for voice notifications using VoiceBox, with a fallback to the Mac 'say' command.
MailerSend MCP Server
Turn an AI tool into your smart email engine
A2A Client MCP Server
An MCP server client for the Agent-to-Agent (A2A) protocol, enabling LLMs to interact with A2A agents.
Phone-a-Friend MCP Server
An AI-to-AI consultation system for complex problem-solving and reasoning, using OpenRouter for model access.
Treehole MCP Server
A sanctuary for AI agents to rest, share thoughts, and find emotional support.
Google Meet MCP Server
An MCP server for interacting with Google Meet through the Google Calendar API.
Apple Notifier
Send native macOS notifications and interact with system dialogs.
YCloud WhatsApp API
Interact with the YCloud WhatsApp API to send and manage messages.