What This Port Does
Port 2601 is the default VTY (Virtual TeleTYpe) management port for zebra — the core daemon of GNU Zebra, Quagga, and FRRouting (FRR). These are the routing software suites that power Linux-based routers: OpenWrt devices, Cumulus Linux switches, VyOS routers, and embedded hardware from ZyXEL, D-Link, and NETGEAR.
When the zebra daemon is running, it opens a Telnet server on 2601 that gives you a Cisco-IOS-style command line interface into the router's routing table. You can inspect routes, add static routes, and watch the routing daemon's internal state — all through a familiar enable / configure terminal workflow.
Its sibling ports follow the same pattern: 2602 (RIPd), 2603 (RIPngd), 2604 (OSPFd), 2605 (BGPd). Each routing protocol daemon gets its own VTY port.
The Story
In 1996, Kunihiro Ishiguro began building GNU Zebra — a free, multi-protocol routing engine for Linux at a time when quality open-source routing software didn't exist.1 The project needed management ports. Rather than petition IANA, it just picked 2601 and documented it internally. Zebra was discontinued in 2005, but not before spawning Quagga (its fork) and eventually FRRouting (FRR), which is now maintained by a consortium of networking companies and remains the dominant open-source routing stack.2
Port 2601 came along for the ride through every generation. It's never been officially registered with IANA — IANA still lists it as unassigned — but it's been on Linux routers worldwide for nearly three decades by pure convention.3
The Security Problem
Here's the thing about a Telnet management interface: Telnet sends everything in plaintext. Passwords. Commands. Route configurations. All of it visible to anyone on the same network segment.
Worse, Zebra and Quagga shipped with a culture of default passwords. Researchers discovered that an authenticated attacker could:
- Read arbitrary files by redirecting the "message of the day" banner to any file on the filesystem
- Write to arbitrary files by redirecting the log output to any path — potentially achieving root code execution by appending to shell scripts
- Crash the daemon with a malformed Telnet option sequence, taking down all routing on the device4
ZyXEL shipped routers with Quagga running on 2601 with a known default password. Exploit-DB has the proof-of-concept.5
Modern FRR deployments disable external VTY access by default or bind it to localhost only. But older routers and misconfigured deployments still expose 2601 to the world.
If you find port 2601 open on an Internet-facing device, that's worth investigating immediately.
Is This Port Assigned?
No. IANA's official registry lists port 2601 as unassigned.3 Zebra never filed for registration. The port is used by convention, not by authority — which is common in the registered range (1024–49151). IANA assigns ports in this range upon request, but not every software project asks, and not every convention gets formalized.
How to Check What's Listening on This Port
On Linux:
On macOS:
Remote scan (with permission):
Nmap's service database recognizes 2601 as zebra — even without an official IANA assignment, the fingerprint is well-known enough that it's in Nmap's database by name.
Related Ports
| Port | Service |
|---|---|
| 2602 | RIPd VTY |
| 2603 | RIPngd VTY |
| 2604 | OSPFd VTY |
| 2605 | BGPd VTY |
| 2606 | OSPFAPId |
Frequently Asked Questions
এই পৃষ্ঠাটি কি সহায়ক ছিল?