Mcquire's Blogpage

contains mysteries, topics, etc. from around the world.

2006/6/24

TelNet

@ 09:14 AM (41 months, 2 days ago)

TelNet

(tel´net) (n.) A terminal emulation program for TCP/IP networks such as the Internet. The Telnet program runs on your computer and connects your PC to a server on the network. You can then enter commands through the Telnet program and they will be executed as if you were entering them directly on the server console. This enables you to control the server and communicate with other servers on the network. To start a Telnet session, you must log in to a server by entering a valid username and password. Telnet is a common way to remotely control Web servers.

TELNET is a network protocol used on the Internet or local area network LAN connections. IETF document STD 8 (aka RFC 854 and RFC 855) states:

The purpose of the TELNET Protocol is to provide a fairly general, bi-directional, eight-bit byte oriented communications facility.

It is typically used to provide user oriented command line login sessions between hosts on the Internet. The name is derived from the words telephone network, since the program is designed to emulate a single terminal attached to the other computer.

By extension, "telnet" also refers to the program which provides the client part of the protocol. TELNET clients have been available on most Unix systems for many years, however with recent advancements SSH has become more dominant in remote access for Unix-based machines, and are available for virtually all types of computers. On many systems, this "telnet" program may also be used to make interactive raw-TCP sessions and is used to communicate to services such as POP3 servers without specialized client software.

"To telnet" is also used as a verb meaning to establish or use a TELNET connection, as in, "To change your password, telnet to the server and run the passwd command".

It is also a means to connect to the new style Telnet Bulletin Board Systems (that once upon a time were dialup in the 1980's and 1990's) that allow for nostalgia over TCP / IP as well as most supporting all of the well known and other commonly used protocols on the Internet today as a full blown multi-protocol server suite.

Protocol details

TELNET is a client-server protocol, based on TCP, and clients generally connect to port 23 on the host providing the service ( programs, it is also possible to use a TELNET program to establish an interactive TCP connection of the protocol and a means of defining and implementing extensions. There are many extensions, some of which have been adopted as Internet Standards. IETF STD document numbers from 27 through to 32 define various TELNET extensions (most of which are extremely common). Of the remaining extensions the most useful ones are probably those that are on the IETF standards track as proposed standards; details can be found in STD 1.

 

Security

There are three main reasons why TELNET is a bad choice for modern systems from the point of view of computer security:

  • Commonly used TELNET daemons have several vulnerabilities discovered over the years, and probably several more still exist.
  • TELNET, by default, does not encrypt any data sent over the connection (including passwords), and so it is trivial to eavesdrop on the communications and use the password later for malicious purposes.
  • TELNET lacks an authentication scheme that makes it possible to ensure that communication is carried out between the two desired hosts, and not intercepted in the middle (see also Man-in-the-middle attacks).

In environments where security is important, such as on the public Internet, TELNET should not be used. TELNET sessions are unencrypted. This means that anybody who has access to any router, switch, or gateway located on the network between the two hosts where telnet is being used can intercept the TELNET packets passing by and easily obtain login and password information (and whatever else is typed) with any of several common utilities like tcpdump and Wireshark.

These flaws have seen the usage of the TELNET protocol drop rapidly in favor of a more secure and functional protocol called SSH, released in 1995. SSH provides all functionality present in telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.

Experts in computer security, such as SANS Institute, and the members of the comp.os.linux.security newsgroup recommend that the use of TELNET for remote logins should be discontinued under all normal circumstances.

When TELNET was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much of a concern as it became after the bandwidth explosion of the 1990s. With the exponential rise in the number of people with access to the Internet, and by extension, the number of people attempting to crack into other people's servers, TELNET should generally not ever be used on networks with Internet connectivity.

» Leave a comment


:mrgreen: :neutral: :twisted: :arrow: :shock: :smile: :???: :cool: :evil: :grin: :idea: :oops: :razz: :roll: :wink: :cry: :eek: :lol: :mad: :sad: :!: :?:

Preview:

You say:

To prevent spam, please type in the exact word you see in this image: CAPTCHA
To refresh the image, click here. Otherwise, contact us.

  • Your E-mail address is never displayed. If you enter it, it will only be visible to the blog author
  • The line and paragraph breaks automatically