Can you explain why Telnet is easy to compromise and what an enterprise can use as a more secure replacement for Telnet?
Ask the expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
There is simply no excuse for using the Telnet protocol on a modern network. Any organization that relies on Telnet should immediately take steps to switch to a more secure protocol for connecting to remote systems.
The Telnet protocol is older than most system administrators! It was developed in 1969 as a rudimentary tool to allow users to make text-based connections between computers. This was revolutionary at the time, providing one of the first facilities for communicating across the fledgling Internet.
To understand Telnet security risks, it is necessary to understand the context in which the protocol was developed. The Internet of 1969 was an incredibly different place. There was a grand total of four sites on the Internet, and they belonged to research universities working in conjunction with the U.S. military. The users of the Internet literally knew one another personally and were working on the same projects. There was simply no security threat.
In this idyllic world of the early Internet, the designers of the Telnet protocol focused exclusively on functionality. They did not add any security features beyond a simple username and password authentication scheme and, as it turns out, developed an inherently insecure protocol. The fundamental flaw with Telnet is that it does not use any encryption. Anyone eavesdropping on a network segment can view all Telnet traffic (including the usernames and passwords) in the clear as it transits the network.
As the Internet grew, this limitation quickly became apparent. In 1995, developers released the first version of a new tool called the secure shell (SSH) that provides Telnet-like functionality over a secure encrypted tunnel. Sixteen years later, there is simply no excuse to be relying upon the half-century old Telnet protocol. It’s time to switch to this Telnet alternative!
Dig deeper on Network Protocols and Security
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.