Can you explain why Telnet is easy to compromise and what an enterprise can use as a more secure replacement for...
Ask the expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
There is simply no excuse for using the Telnet protocol on a modern network. Any organization that relies on Telnet should immediately take steps to switch to a more secure protocol for connecting to remote systems.
The Telnet protocol is older than most system administrators! It was developed in 1969 as a rudimentary tool to allow users to make text-based connections between computers. This was revolutionary at the time, providing one of the first facilities for communicating across the fledgling Internet.
To understand Telnet security risks, it is necessary to understand the context in which the protocol was developed. The Internet of 1969 was an incredibly different place. There was a grand total of four sites on the Internet, and they belonged to research universities working in conjunction with the U.S. military. The users of the Internet literally knew one another personally and were working on the same projects. There was simply no security threat.
In this idyllic world of the early Internet, the designers of the Telnet protocol focused exclusively on functionality. They did not add any security features beyond a simple username and password authentication scheme and, as it turns out, developed an inherently insecure protocol. The fundamental flaw with Telnet is that it does not use any encryption. Anyone eavesdropping on a network segment can view all Telnet traffic (including the usernames and passwords) in the clear as it transits the network.
As the Internet grew, this limitation quickly became apparent. In 1995, developers released the first version of a new tool called the secure shell (SSH) that provides Telnet-like functionality over a secure encrypted tunnel. Sixteen years later, there is simply no excuse to be relying upon the half-century old Telnet protocol. It’s time to switch to this Telnet alternative!
Dig Deeper on Network Protocols and Security
Related Q&A from Mike Chapple
The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get ...continue reading
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best ...continue reading
Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.