TELNET (TELetype NETwork) is a network protocol used on the Internet or local area network (LAN) connections. It was developed in 1969. It is considered insecure due to various inherent limitations. IETF document STD 8 (aka RFC 854 and RFC 855) states:
The purpose of the TELNET Protocol is to provide a fairly general, bi-directional, eight-bit byte oriented communications facility.
It is typically used to provide user oriented command line login sessions between hosts on the Internet. The name is derived from the words telecommunication network, since the program is designed to emulate a single terminal attached to the other computer.
By extension, "telnet" also refers to the program which provides the client part of the protocol. TELNET clients have been available on most Unix systems for many years and are available for virtually all platforms. Most network equipment and OSs with a TCP/IP stack support some kind of Telnet server for their remote configuration (including ones based on Windows NT). However, with recent advancements SSH has become more dominant in remote access for Unix-based machines.
On many systems, the "telnet" client program may also be used to make interactive raw-TCP sessions and is used to communicate with services such as POP3 servers without specialized client software. On UNIX, however, other commands such as nc (netcat) or socat are generally better suited for this kind of testing, as they can be called with arguments so that they do not send any terminal control handshaking characters.
"To telnet" is also used as a verb meaning to establish or use a TELNET connection, as in, "To change your password, telnet to the server and run the passwd command".
It is also a means of connecting to the new-style Telnet Bulletin Board Systems (which were dial-up systems in the 1980s and 1990s). These allow for nostalgia over TCP/IP, and most also support the well-known and other commonly used Internet protocols as full-blown multi-protocol server suites.
Protocol details
TELNET is a client-server protocol, based on a reliable connection-oriented transport. Typically this is TCP port 23, but in fact Telnet predates TCP/IP and was originally run on NCP.
There are many extensions, some of which have been adopted as Internet Standards. IETF STD document numbers from 27 to 32 define various TELNET extensions, most of which are extremely common. Of the remaining extensions, the most useful ones are probably those that are on the IETF standards track as proposed standards.
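The terminal control handshaking that a telnet client performs, and that nc or socat can skip, travels in-band as IAC command sequences defined in RFC 854 and RFC 855, with each extension identified by an option code. The following added example is not part of the original article; it separates those sequences from user data in a constructed capture, and the function names and sample bytes are assumptions made for illustration.

```python
# Added example: codes are from RFC 854/855 and the option RFCs; sample bytes are constructed.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE", 31: "NAWS"}


def split_telnet_stream(data: bytes):
    """Split one direction of a session into (negotiation, payload)."""
    negotiation, payload = [], bytearray()
    i, n = 0, len(data)
    while i < n:
        if data[i] != IAC:                    # ordinary data byte
            payload.append(data[i])
            i += 1
            continue
        if i + 1 >= n:                        # capture ends inside a command
            break
        cmd = data[i + 1]
        if cmd == IAC:                        # IAC IAC escapes a literal 0xFF
            payload.append(IAC)
            i += 2
        elif cmd in VERBS:                    # IAC <verb> <option>
            if i + 2 >= n:
                break
            negotiation.append(f"{VERBS[cmd]} {OPTIONS.get(data[i + 2], data[i + 2])}")
            i += 3
        elif cmd == SB:                       # IAC SB <option> ... IAC SE
            j = i + 3
            while j + 1 < n and not (data[j] == IAC and data[j + 1] == SE):
                j += 2 if data[j] == IAC else 1   # step over escaped IAC IAC
            if j + 1 >= n:                    # subnegotiation never terminated
                break
            negotiation.append(f"SB {OPTIONS.get(data[i + 2], data[i + 2])}")
            i = j + 2
        else:                                 # two-byte command such as NOP
            negotiation.append(f"CMD {cmd}")
            i += 2
    return negotiation, bytes(payload)


def looks_like_telnet(first_bytes: bytes) -> bool:
    """Heuristic: a Telnet peer usually opens with IAC WILL/WONT/DO/DONT."""
    return len(first_bytes) >= 3 and first_bytes[0] == IAC and first_bytes[1] in VERBS


# Constructed client-to-server bytes: terminal-type negotiation, then a login.
CLIENT_CAPTURE = (bytes([IAC, WILL, 24, IAC, SB, 24, 0]) + b"xterm"
                  + bytes([IAC, SE]) + b"alice\r\nnot-a-real-password\r\n")
```

The payload returned for the constructed capture is the typed login exactly as it was sent, with nothing to decode. `looks_like_telnet` is only a heuristic for recognising a Telnet service on a port other than 23 from the first bytes it sends.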
Security
There are three main reasons why TELNET is not recommended for modern systems from the point of view of computer security:
- Commonly used TELNET daemons have had several vulnerabilities discovered over the years, and probably several more still exist.
- TELNET, by default, does not encrypt any data sent over the connection (including passwords), and so it is trivial to eavesdrop on the communications and use the password later for malicious purposes.
- TELNET lacks an authentication scheme that makes it possible to ensure that communication is carried out between the two desired hosts, and not intercepted in the middle (see also Man-in-the-middle attacks).
In environments where security is important, such as on the public Internet, TELNET should not be used. TELNET sessions are unencrypted. This means that anybody who has access to any router, switch, or gateway located on the network between the two hosts where telnet is being used can intercept the TELNET packets passing by and easily obtain login and password information (and whatever else is typed) with any of several common utilities like tcpdump and Wireshark.
These flaws have seen the usage of the TELNET protocol drop rapidly in favor of a more secure and functional protocol called SSH, released in 1995. SSH provides all functionality present in telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.
Experts in computer security, such as SANS Institute, and the members of the comp.os.linux.security newsgroup recommend that the use of TELNET for remote logins should be discontinued under all normal circumstances.
When TELNET was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much of a concern as it became after the bandwidth explosion of the 1990s. With the exponential rise in the number of people with access to the Internet, and by extension, the number of people attempting to crack into other people's servers, TELNET should generally not ever be used on networks with Internet connectivity.
Current status
While the TELNET protocol itself has been mostly superseded, the TELNET clients are still used to manually "talk" to other services. It is sometimes used in debugging network services such as an SMTP or HTTP server, by serving as a simple way to send commands to the server and examine the responses. TELNET can also be used as a rudimentary IRC client if you know the protocol well enough.
TELNET is still very popular in enterprise networks to access host applications, for example on IBM mainframes.
TELNET is also heavily used for MUD games played over the Internet, as well as talkers, MUSHes, MUCKs and MOOs. By using image-to-ASCII algorithms, it can also be used for primitive "video" streaming. Recently, ASCII-WM offered live broadcasts of the 2006 World Cup.
TELNET has one big advantage over SSH: SSH can be used as a tunneling protocol. Therefore on an enterprise firewall it is always a security risk to allow an SSH session, while a TELNET session is only insecure because of missing encryption.
TELNET clients
Multiplatform
- PuTTY is a free SSH, TELNET, rlogin, and raw TCP client for Windows and Unix.
- mTelnet is a free full-screen TELNET client for Windows & OS/2. Easy to use client with Zmodem download capability.
- Twisted Conch includes a telnet client/server implementation.
Windows
- Windows comes with a built-in telnet client, accessible from the command prompt. Note that in Windows Vista, as of RC1, the telnet client is not installed by default, and needs to be installed as an optional Windows component.
- TeraTerm is a free telnet/SSH client for Windows that offers more features than the built-in telnet as well as offering a free SSH plug-in.
- AbsoluteTelnet is an excellent client for all versions of Windows, and includes telnet, SSH1, and SSH2. AbsoluteTelnet includes advanced authentication options, such as smartcard, gssapi, kerberos, and NTLM when used with SSH2. It is fully Unicode and IME aware and includes character set translations for UTF8, ISO8859-??, WIN12??, Chinese, Japanese, Korean, and Russian.
Free with Source Code
- dtelnet is a free TELNET client for Windows.
- Pueblo/UE is a free TELNET client for Windows with support for in-line HTML.
- Console telnet is a full screen (console) TELNET client for MS Win32 environments.
Non-free Source Code
- Whitehorn Secure Terminal is a free TELNET client for Windows.
- Simpterm is a Unicode-savvy TELNET client for MS Win32 environments that can, for example, be used for Chinese.
- SimpleMU is a shareware TELNET client.
- CRT and SecureCRT are TELNET clients with scripting capabilities in VBScript, Javascript and Perl.
Macintosh
- tn3270 is a free TELNET client for Macintosh designed to work with IBM mainframe systems that use the TN3270 protocol.
- Terminal is a TELNET capable command line interface application that comes as part of all versions of Macintosh OS X.
- dataComet is a full-featured Telnet & SSH application for the Macintosh.
TELNET servers
Free with Source Code
- telnetd is an embeddable TELNET daemon written in Java.
- Poor Woman's Telnet Server is a standalone Java TELNET server which is based on telnetd.
- Synchronet is a Win32 and Linux BBS Server that also supports http, nntp, pop3, ftp and other protocols.
- utelnetd is a tiny Telnet server for Linux systems.
External links
- telnet.org places: list of publicly accessible TELNET servers
- BBS Corner - Telnet BBS Guide
- Telnet Interactions Described as a Sequence Diagram
- Telnet START-TLS Option draft-altman-telnet-starttls-01.txt 2006