Telnet
The TELNET protocol allows a user to log into a system
over the network and use that system
as though the user were sitting at a directly connected terminal.
The client and server programs which use the TELNET protocol are
telnet and telnetd, respectively.
The telnet command provides a user interface to a remote system.
If telnet is invoked with the name of a remote host as an
argument, a prompt is displayed and a user can log in as if they
had called the system with a modem.
Logging into a system using telnet can pose a security risk
because the username and password are sent over the network in plain text,
one character per packet.
Since these characters are not encrypted, an electronic
eavesdropper can capture the username and password for any
system to which a telnet connection is being established.
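
The following added example (not part of the original document) shows how a network auditor can flag sessions that expose a login in the clear: it strips TELNET command sequences (RFC 854) from the server-to-client bytes and checks whether the login prompts are readable. The function names, the prompt strings `login:` and `Password:`, and the sample packets are assumptions constructed for illustration.

```python
# Added example: flag cleartext TELNET logins in server-to-client payloads.
IAC, SB, SE = 255, 250, 240                 # RFC 854 command bytes
WILL, WONT, DO, DONT = 251, 252, 253, 254   # option negotiation verbs

def strip_telnet_commands(stream: bytes) -> bytes:
    """Return the data bytes of a TELNET stream with IAC sequences removed."""
    out = bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            out.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                      # truncated command at end of capture
            break
        cmd = stream[i + 1]
        if cmd == IAC:                      # IAC IAC is an escaped 0xFF data byte
            out.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):
            i += 3                          # IAC <verb> <option>
        elif cmd == SB:                     # subnegotiation runs until IAC SE
            j = i + 2
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            i = j + 2
        else:
            i += 2                          # other two-byte commands (NOP, GA, ...)
    return bytes(out)

def exposes_login(server_packets: list[bytes]) -> bool:
    """True if login and password prompts are readable in the joined stream."""
    text = strip_telnet_commands(b"".join(server_packets)).lower()
    user_at = text.find(b"login:")          # assumed prompt text
    return user_at != -1 and text.find(b"password:", user_at) != -1

# Constructed sample: server side of a session, prompt split across packets.
SAMPLE = [
    bytes([IAC, DO, 24, IAC, WILL, 1]),     # negotiation before any data
    b"\r\nlog", b"in: ",
    b"a", b"l", b"i", b"c", b"e",           # server echo, one character per packet
    b"\r\nPassword: ",
]
# Constructed sample: opaque bytes standing in for an encrypted session.
OPAQUE = [bytes([0x17, 0x03, 0x03, 0x00, 0x20]) + bytes(range(32))]

if __name__ == "__main__":
    print("cleartext login exposed:", exposes_login(SAMPLE))
    print("opaque stream flagged:  ", exposes_login(OPAQUE))
```

The check only reports that the prompts are readable; any session it flags should be moved to an encrypted login service.
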
In addition to the danger of network snooping, using the TELNET
protocol presents the same sort of security risks as dial-in modems.
"Practical UNIX Security" [GS91]
lists the following reasons
why using the TELNET protocol with a wide area network poses
more risks than those posed by modems.
- Few computer centers publish the telephone numbers of
their system's modems.
For systems on the Internet and listed in the Internet domain
servers, a user only needs to know a system's name in order to
connect via telnet.
Although this makes access easier for
authorized users, it also makes access easier for attackers.
- Because it is significantly faster to connect via telnet
to a system than to call the system with a modem,
an attacker can try to guess more passwords in any given amount of time.
- Long distance calls cost the caller money, but there is usually no
incremental charge for using telnet over the Internet.
As a result, systems on the network are more subject to
attack from around the country and around the world.
- It is often easier to access a system anonymously on the
Internet than over phone lines. Modern telephone switching systems can
trace calls in seconds and in many cases deliver the calling number to the
system. Internet protocols make it
easier for an intruder to disguise the source of an attack.
John Barkley
Fri Oct 7 16:17:21 EDT 1994