Can you explain why Telnet is easy to compromise and what an enterprise can use as a more secure replacement for...
Ask the expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
There is simply no excuse for using the Telnet protocol on a modern network. Any organization that relies on Telnet should immediately take steps to switch to a more secure protocol for connecting to remote systems.
The Telnet protocol is older than most system administrators! It was developed in 1969 as a rudimentary tool to allow users to make text-based connections between computers. This was revolutionary at the time, providing one of the first facilities for communicating across the fledgling Internet.
To understand Telnet security risks, it is necessary to understand the context in which the protocol was developed. The Internet of 1969 was an incredibly different place. There was a grand total of four sites on the Internet, and they belonged to research universities working in conjunction with the U.S. military. The users of the Internet literally knew one another personally and were working on the same projects. There was simply no security threat.
In this idyllic world of the early Internet, the designers of the Telnet protocol focused exclusively on functionality. They did not add any security features beyond a simple username and password authentication scheme and, as it turns out, developed an inherently insecure protocol. The fundamental flaw with Telnet is that it does not use any encryption. Anyone eavesdropping on a network segment can view all Telnet traffic (including the usernames and passwords) in the clear as it transits the network.
As the Internet grew, this limitation quickly became apparent. In 1995, developers released the first version of a new tool called the secure shell (SSH) that provides Telnet-like functionality over a secure encrypted tunnel. Sixteen years later, there is simply no excuse to be relying upon the half-century old Telnet protocol. It’s time to switch to this Telnet alternative!
Related Q&A from Mike Chapple
The updated HITRUST Common Security Framework allows organizations to manage privacy, security and compliance with one framework. Here's how it works...continue reading
A HIPAA audit covers privacy compliance, and organizations need to be prepared. Expert Mike Chapple discusses privacy in the audits.continue reading
A data breach warranty may seem like a tempting way to survive a costly attack, but it may not be all it's hyped up to be. Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.