FTP and Telnet have long been considered a security risk because username, password login information and all subsequent...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
commands are transmitted as plaintext. Secure Shell or SSH is an application layer protocol as well, however, it provides secure encrypted communications over an insecure network and should be used anytime sensitive data is transferred. This is why some vendors are beginning to offer it as a secure alternative to both Telnet and FTP. Also, many Web hosting service providers are limiting or removing Telnet and FTP access for their customers, due to security concerns and replacing it with SSH. Although SSH is installed by default, on recent Red Hat Linux systems, SSH software is not part of the typical Windows desktop installation. So, if you use a Windows-based desktop you'll need to install a third-party program in order to communicate over SSH to a Red Hat server.
Operating systems will continue to support the FTP and Telnet protocols and I am sure programs that use them will always be available. However, you should consider whether the security risks of FTP and Telnet warrant their continued use. Keep in mind that older software can be costly to maintain and may not continue to work effectively with newer applications. I recommend retiring software that's old, underused or over-maintained. To learn more about the lifecycle of the products you are using, contact the vendor. Microsoft has a Support Lifecycle policy at http://support.microsoft.com/gp/lifeselectindex, which provides guidelines for product support availability. Windows 2000 Professional recently retired Mainstream Support, while Mainstream Support for Windows XP Professional runs until the end of 2006 (Extended Support runs until the end of 2011.) Microsoft also recently issued MS05-033, a security bulletin that alerts users about a vulnerability in their Telnet Client in Windows Server 2003 and Windows XP Professional. This is a separate application to Microsoft HyperTerminal, but shows the importance of vendor support for the products you use.
Dig Deeper on Windows Security: Alerts, Updates and Best Practices
Related Q&A from Michael Cobb
An old Java vulnerability was discovered to have been ineffectually patched. Expert Michael Cobb explains how this happened and what can be done to ...continue reading
Google's Certificate Transparency tool publicly logs certificates issued by CAs. Expert Michael Cobb explains how the log viewer works to improve ...continue reading
Crowning the most secure web browser is difficult, with research often turning up biased results. Expert Michael Cobb explains how to make a choice ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.