Telnet MCP Server
A secure telnet client for LLM applications, designed for defensive security analysis of network devices.
Telnet MCP Server
A Model Context Protocol (MCP) server that provides secure telnet client capabilities for Claude Code and other LLM applications. Designed for defensive security analysis of network devices.
Features
- Secure Telnet Client: Connect to router devices with command filtering
- MCP Protocol Support: Full JSON-RPC 2.0 compliance for Claude Code integration
- Security Features: Command filtering, audit logging, session management
- Router Management: Support for multiple concurrent router connections
- Comprehensive Logging: Detailed audit trail for compliance and security
Quick Start
Prerequisites
- Go 1.21 or later
- Claude Code or compatible MCP client
- Network access to target router devices
Installation
- Clone and build:
git clone <repository>
cd telnet-mcp-server
go mod tidy
go build -o telnet-mcp-server
- Configure Claude Code:
# Copy example configuration
cp claude_config_example.json ~/.config/claude-code/config.json
- Run with Claude Code:
claude-code
Configuration
Claude Code Integration
Add to your Claude Code configuration:
{
"mcpServers": {
"telnet-proxy": {
"transport": "stdio",
"command": "./telnet-mcp-server",
"env": {
"ROUTER_IPS": "10.98.1.131,10.98.1.171",
"LOG_LEVEL": "info"
}
}
}
}
Environment Variables
ROUTER_IPS: Comma-separated list of allowed router IP addressesLOG_LEVEL: Logging level (debug, info, warn, error)AUDIT_LOG_PATH: Path to audit log file (default: /tmp/telnet-mcp-audit.log)
Available Tools
telnet_connect
Connect to a router device.
Parameters:
host(required): Router IP addressport(optional): Telnet port (default: 23)timeout(optional): Connection timeout in seconds (default: 30)
telnet_execute_command
Execute a command on connected router.
Parameters:
host(required): Router IP addresscommand(required): Command to executetimeout(optional): Command timeout in seconds (default: 10)
telnet_disconnect
Disconnect from router device.
Parameters:
host(required): Router IP addressport(optional): Telnet port (default: 23)
Security Features
Command Filtering
The server uses a blacklist security model that allows most commands while blocking only dangerous operations:
Security Approach:
- β Default Allow: All commands are permitted by default
- β Minimal Blacklist: Only dangerous commands are blocked
- π Full Audit: All commands are logged regardless of status
Allowed Commands (Examples):
- File operations:
cat,head,tail,more,less,grep,find - System info:
ls,ps,top,df,free,uptime,whoami - Network tools:
ping,traceroute,nslookup,dig,netstat - Router commands:
show version,show config,show interfaces, etc. - Text processing:
awk,sed,sort,uniq,wc,cut
Blocked Commands:
- Configuration:
configure,config,write memory,wr - Destructive:
delete,del,erase,format,factory-reset - System control:
reload,reboot,restart,shutdown,halt,reset - Firmware:
boot(with space),upgrade,update
Audit Logging
All activities are logged to the audit file with timestamps:
- Connection events
- Command executions
- Security violations
- Error conditions
Usage Examples
Basic Router Analysis
# In Claude Code
Connect to router 10.98.1.131 and analyze its configuration for security vulnerabilities.
Network Discovery
# In Claude Code
Map the network topology by connecting to both routers and examining their routing tables.
Security Audit
# In Claude Code
Perform a comprehensive security audit of router 10.98.1.171, checking for default passwords, insecure protocols, and misconfigurations.
Development
Building
go build -o telnet-mcp-server
Testing
go test ./...
Running in Development
go run main.go
Security Considerations
- This tool is designed for defensive security analysis only
- All communications are logged for audit purposes
- Command filtering prevents destructive operations
- Use only on trusted internal networks
- Review audit logs regularly for security monitoring
Troubleshooting
Connection Issues
- Verify network connectivity to target devices
- Check firewall rules and port accessibility
- Ensure telnet service is running on target devices
- Review timeout settings in configuration
Command Execution Problems
- Check command syntax for your router type
- Verify command is in allowed list
- Review audit logs for blocked commands
- Ensure proper session state
Claude Code Integration
- Verify MCP server configuration path
- Check environment variables
- Review Claude Code logs for MCP errors
- Ensure server binary has execute permissions
License
MIT License - See LICENSE file for details.
Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
Support
For issues and questions:
- Check the troubleshooting section
- Review audit logs
- Open an issue on GitHub
Related Servers
Slack Webhook
Post messages to Slack channels using incoming webhooks or bot tokens.
Wizzypedia MCP Server
Interact with Wizzypedia through the MediaWiki API, supporting both read-only and authenticated operations.
MCP Reddit Server
An MCP server for interacting with the Reddit API, enabling searches for posts, comments, and subreddits.
Human-in-the-Loop
Allows AI assistants to ask questions to humans via Discord.
Discord
A server for reading and sending messages on Discord.
MCP Evolution API
An MCP server for Claude that integrates with the Evolution API for WhatsApp automation.
MCPει¦ζΆιε¨
An MCP server for collecting interactive user feedback through a graphical user interface.
Blogger
Interact with the Google Blogger API to manage blogs, posts, and comments.
MCP Headless Gmail Server
A headless server to get and send emails via the Gmail API, requiring Google API credentials at runtime.
Integration App
Interact with any other SaaS applications on behalf of your customers.