A telnet server: remote command line access

Aug 17 '01 (Updated Aug 29 '01)

The Bottom Line Telnet servers can be powerful tools in the hands of an experienced administrator or a horrid wormhole when improperly configured.

When a company implements a new server for web development or file hosting, often they will not have a specific IT staff member whos job is to sit and work with that particular server at the server console, even under todays KBM equipment conditions. Instead, some companies will opt to have thier UNIX/LINUX or Windows 2000 Server Family based servers be worked with for most common tasks via SMTP maneagement and Telnet access.

Telnet access is when a user in a location that is not directly connected to a computer is able to gain command line or "shell" access to a machine by access to telnet server software on either port 23 or the designated port for telnet on that particular machine.

By using telnet, a network or server administrator will not have to leave his or her desk in order to do basic administrative tasks (or in the case of UNIX/LINUX even complex administrative tasks are possible). They simply open a telnet client, use a hostname/IPaddress and the port number (once again, the default is 23) and then have shell access to the computer that they are trying to reach.

Almost always, the telnet server will require a username and password provided by the operating system to authenticate the user in order to make sure that the user is authorized access to whatever services that he or she is attempting to access. In the case of telnet on a windows 2000 or NT server, you can configure the integrated telnet server to attempt NTLM authentication which, if the machine that you are on is logged into a domain the same as, or trusted by, the domain that the server running telnet is on, menas you dont have to type in a user and password at all but rather go straight to the command line.

Almost always, there will be some ability to restict user access from certain areas via different means. On a windows 2000 or nt machine hosting telnet, you can make the machine verify that the connecting person is coming from certain domains. On a linux or unix telent host (SSH), you can actually build ban lists which specify IP addresses from which your telnet server will not allow connections.

Telnet servers are not for everyone, however. Because the telnet server is both an internetwork application and can potentially allow users root or LocalSystem access, running telnet server software on your home machine or improperly configured on a business server can lead to security breeches and miscellaneous hacking attempts. Often there will be patches availible for the operating systema and the software itself to be able to block as many of these hacking attempts as possible and the user implementing the server can also protect further by working with a firewall and a planned perimeter network for network security. In addition, you will probably have to make a port 23 hole in your firewall to access your server. If you are using a hardware firewall, I would suggest setting up a rule so that only machines which have telnet servers running on them which should be accessible from outside can be accessed on port 23. If on a software firewall, because you have to do an 'allow' or 'trust' for port 23 traffic, your best defence is simply making sure that you update your operating system and the telnet server software itself regularly to protect against as many attacks as possible.

All in all, telnet servers can be a powerful administration tool in the hands of an experienced user when properly configured or a horrid wormhole into system access and hackers delight if not protected and set up properly. If you do not need remote administration capabilities for a specific purpose I would advise against launching a telnet service "just for the fun of it".

Comments on this Review

Read all comments (2)

Write your own comment

Epinions.com ID:
clocks

Member: Wayne Frazee

Location: Panama City Beach, FL

Reviews written: 100

Trusted by: 50 members

About Me:
I am an IT Manager for a game development company in Panama City Beach, FL.

View all reviews by clocks

View clocks's profile

Ads by Google

Telnet Terminal EmulationAutomate Telnet apps with VT & TN. Free 30 day trial. Download Now..www.NetworkAutomation.com/Telnet

Understanding Web HostingLearn about the Advantages of Managed Hosting in our Info Center..www.Rackspace.com/Hosting101

Managed FTPFree Download: How To Secure Your Company's Data With Managed FTP.www.Axway.com

SSH Server for WindowsEasy to install, very configurable. Secure, fast and reliable..www.Bitvise.com

Ethernet White PaperQuick easy to understand ethernet guide. Instant PDF download..www.bb-elec.com

Epinions | Shopping.com | Rent.com | Free Classifieds | Price Comparison UK

Epinions.com periodically updates pricing and product information from third-party sources,
so some information may be slightly out-of-date. You should confirm all information before relying on it.