Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Stub types for...
Distributed programming
Legend Films
Activity (UML)
OBJ3
GameFAQs
The Tao of Programming
recommendation
compare webbrowser
Freenet DSL
Who's Online
3 user(s) are online (3 user(s) are browsing encyclopedia)

Members: 0
Guests: 3

more...
browser tip
recommendation!
Sponsored
partner
Germany Next Topmodel
germanys next topmodel germanys next topmodel

Telnet

Unix systems for many years, and are available for virtually all types of computers. On many systems, the telnet program may also be used to make interactive raw-Transmission Control Protocol sessions and is used to communicate to services such as POP3 servers without specialized client software.

To telnet is also used as a verb meaning to establish or use a telnet connection, as in, If you need to change your password you need to telnet to the server and run the Passwd command .

= Protocol details =

Telnet is a client-server protocol, based on Transmission Control Protocol, and clients generally connect to computer port 23 on the host providing the service (though like many protocols in use on the Internet which port to use is fairly easy to change). Partly because of the design of the protocol and partly because of the flexibility typically provided by telnet programs, it is also possible to use a Telnet program to establish an interactive TCP connection to some other service on an Internet host. A classic use of this is telnetting to port 25 (where typically an SMTP server is to be found) to debug a mail server.

The Telnet protocol can be divided into a core and a set of extensions. The core protocol is described by IETF documents RFC 854 and RFC 855 which are also collected together in STD 8, which defines fairly basic operating characteristics of the protocol and a means of defining and implementing extensions. There are many extensions, some of which have been adopted as Internet Standards, some of which haven t. IETF STD document numbers from 27 through to 32 define various Telnet extensions (most of which are extremely common). Of the remaining extensions the most useful ones are probably those that are on the IETF standards track as proposed standards; details can be found in STD 1.

= Security =

There are three main problems with Telnet, making it a bad choice for modern systems from the point of view of computer security:

  • Commonly used telnet daemon (computer software)s have several vulnerability (computer science) discovered over the years, and probably several more still exist.
  • Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is trivial to eavesdrop on the communications and use the password later for malicious purposes.
  • Telnet lacks an authentication scheme that makes it possible to ensure that communication is carried out between the two desired Servers, and not intercepted in the middle.

    • In environments where security is important, such as on the public Internet, telnet should not be used. Telnet sessions are unencrypted. This means that anybody who has access to any Router, switch, or gateway located on the network between the two hosts where telnet is being used can intercept the telnet packets passing by and easily obtain login and password information (and whatever else is typed) with any of several common utilities like tcpdump and Ethereal.

    These flaws have seen the usage of the Telnet protocol drop rapidly in favor of a more secure and functional protocol called SSH, released in 1995. SSH provides all functionality present in telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.

    Experts in computer security, such as SANS Institute, and the members of the comp.os.linux.security newsgroup recommend that the use of Telnet for remote logins should be discontinued under all normal circumstances.

    When telnet was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much of a concern as it became after the bandwidth explosion of the 1990s. With the exponential rise in the number of people with access to the Internet, and by extension, the number of people attempting to cracker (computing) into other people s servers, telnet should generally not ever be used on networks with Internet connectivity.

    Telnet clients are still occasionally used to manually talk to other services. It is sometimes used in debugging network services such as an SMTP or HTTP server, by serving as a simple way to send commands to the server and examine the responses. Telnet can also be used as a rudimentary Internet Relay Chat client if you know the protocol well enough.

    Telnet is also heavily used for MUD games played over the Internet.

    = Telnet clients =

    === Windows ===

  • [http://dtelnet.sourceforge.net/ dtelnet] is a free telnet client for Windows.
  • [http://www.pegsol.com/whitehorn/downloads.htm Whitehorn Secure Terminal] free Telnet client for Windows
  • [http://consoletelnet.sourceforge.net/ Console telnet] is a full screen (console) telnet client for MS Win32 environments.

    • === Multiplatform ===

  • PuTTY is a free SSH, Telnet, Rlogin, and Transmission Control Protocol Client (computing) for Windows and Unix.

    • = Telnet servers =

  • [http://telnetd.sourceforge.net/ telnetd] is an embeddable telnet daemon written in Java.

    • =See also=

  • Telnet 3270 (TN3270)
    		•