Port 23 TCP

Telnet Protocol - Unencrypted Text Communications

Official Un-Encrypted App Risk 4 Packet Captures Edit / Improve This Page!

Telnet operates using TCP Port 23 and provides many systems with an unencrypted communications channel for text-based information.

It's most common usecase is as an Operations and Management interface (O&AM) for network attached devices; where an administrator will use Telnet to connect via IPv4 or IPv6 to a remote system, authenticate with the device with predefined credentials and then manage the device using vendor/platform specific commands.

Overview

Telnet (also known as Terminal Network) is a networking protocol used to provide delivery of text between two network attached terminals or computers, typically this is for a client machine to interface with the Command Line Interface (CLI) of another machine, a piece of equipment or a server.

The interface was commonly used in networking equipment (Cisco, Juniper etc.) such as routers and switches for an administrative command line interface, however more recently protocols such as SSH are becoming more popular.

Security & Alternatives (SSH)

As the Telenet protocol is unencrypted, it is now only usually used within a companies local area network, or for a temporary interface - Any data transferred is done so within clear-text, therefore a man-in-the-middle or snooping attack is able to see any credentials or information passed.

The protocol does also work via the public Internet, however it is not as widely used due to the lack of encryption, and other more suited modern protocols such as SSH.

SSH (Port 22/TCP) functionally is very similar to Telnet, however it is encrypted, therefore can be used outside of a local network more safely - SSH also allows credential based authentication, along with more secure key/certificated based authentication.

How to Connect to Telnet Devices

Most Linux/Unix based machines such as OSX will automatically have a telnet client installed, which can be used by typing "telnet" within their native terminal window, followed by either the IP Address or Hostname of the remote Telnet Server, the port will automatically use 23.

When using Windows you will likely need to enable the telnet client through the Windows Features section of your control panel first, once this is done you can use the Telnet client via a CMD window, in the same manner of simply typing "telnet" followed by the IP or Hostname.

More commonly on windows users will typically download the free application PuTTY which is a more feature rich terminal emulator with a GUI where the connections are created and saved - Within PuTTY simply select Telnet as the protocol on the radio button, and enter the remote host to connect.

Telnet Further Details

The Protocol is defined by RFC854 which was first released back in May 1983, called the "Telnet Protocol Specification".

Due to the age of Telnet there has been a large number of vulnerabilities found within different implementations, and it's typically best to disable the Telnet Server in favour of a more modern alternative, or ensure that a firewall is in place to block connection attempts from untrusted IP addresses.

36 Position 1 Contributor 26,973 Views

Tags: Telnet

External Links: RFC854