A Telnet Rant

Thursday, 20. May 2010

—Caution: Below you will find what some may term as a rant.—

Telnet- (TErminaL NETwork) is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility via a virtual terminal connection. (Wikipedia) 

English translation:   Telnet, a simple way to connect one computer to another. Great for command line work. 

Now what is my beef with Telnet?  Nothing..   My beef is with the implementations of telnet.  Telnet is an “in the clear” communication. That means that data transmited over a telnet connection is sent with no encryption, no obfuscation,  and no joy…

What is telnet commonly used for you might ask?  In computing environments you will see telnet used as a remote command line access system. Administrators and users alike log into servers across the network, and perform what ever tasks required. 

You can probably see the issue I am getting at, and thousands of security professionals before me have gotten at…   An administrator, with root access,  logs into a server using telnet. Their credentials (username/password) are sent in plaintext. Someone sniffing packets on the network has a chance to grab those credentials. Now your administrative access has been owned.

But Josh, I’m on a switched network, packet sniffers can’t get my traffic, that would only work on a hub or wireless.  A good observation,  but not true.  Your switched network offers a little protection against it,  but is not difficult to get around .

So what does this mean?  Is the worlded doomed to telnet horror? 

There is a simple solution my friends.. not elegant, not bulletproof, but better than telnet.  A simple SSH connection.   It does require a ssh server on one side of the connection and a ssh capable client on the other, but the encryption benefits far out way the small cost (cpu cycles wise) in most cases.

So, the next time you find yourself typing the word telnet…  stop and think.. Do I really need to use telnet? Or can I move into the 21st  century and enter the SSH world.

Posted in Security Policy by Josh-The Admin

3 Responses to “A Telnet Rant”

  1. May 21st, 2010 at 5:41 pm

    Crystal Says:

    amen

  2. May 22nd, 2010 at 1:47 am

    dude Says:

    Dude, you freakin use telnet to test HTTP servers not for remote access. But of course for that netcat and socat are better…… I prefer my targets to use either telnet or the weak Debian SSH keys, they are easier to pwn.

  3. May 22nd, 2010 at 10:28 am

    Josh Says:

    You won’t find a disagreement from me if I were on the attacking side of the house for a penn test. But, you did hit the hammer on the head(yes, I know…) naming netcat as a bit better tool. Though telnet has a slight advantage of being on most OS releases by default. The rant was more directed at companies, corporations, and individuals who feel the need to use Telnet for their chosen remote admin tool. (Debian key vuln for those that are curious)

Leave a Reply