Telnet & Secure Shell


Published in: Technology

  1. TELNET: Telnet is a combination of the words Telecommunications Network and is one of the major network protocols used on the Internet. It is a text-based protocol that works on the application layer of the OSI model and is a general-purpose client-server application program. It is one of the earliest network protocols: it was developed in 1969 and has evolved over the years into a robust protocol. The original purpose of Telnet was to give terminals an easy interface for interacting with one another, using relatively simple command structures and accessible interfaces. It provides a bidirectional, interactive, text-oriented communication facility over a virtual connection. Once the Telnet connection is established, users can perform authorized functions on the server, as Telnet lets the client and server negotiate options before or during the use of the service.
  2. TELNET
     • Can be used to send and receive information
     • Administration of network elements
     • Supports user authentication
     • Collaboration of multiple users
     • Most operating systems include an application-layer Telnet client
     • All Telnet clients and servers implement a network virtual terminal
  3. TELNET
     • Displays only text and numbers
     • No graphics
     • No color
     • No mouse (no menus, check boxes, etc.)
     • Does not support the transport of encrypted data
  4. TELNET (diagram: user name and password authentication; user granted access; Telnet server)
  5. TELNET: The Network Virtual Terminal (NVT) is responsible for translating operating-system-specific instructions (keyboard codes or display codes) into a consistent set of codes that all Telnet clients and servers can transmit and receive. The NVT is what makes Telnet clients and servers capable of communicating with each other regardless of which operating system they are using, and it provides a standard communication base, comprised of:
     • 7-bit ASCII characters, to which the extended ASCII code is added
     • Three control characters
     • Five optional control characters
     • A set of basic control signals
  6. TELNET: An online game showing the text-based nature of Telnet in ASCII characters: plain, classic, but still fun.
  7. TELNET: This is a sample Telnet session of a network host running virtually on a terminal in Win7, wherein the communication is bidirectional (2-way): the host displays text only, and then awaits an Enter key press to continue.
  8. TELNET

     | Code | Option | Description |
     |------|--------|-------------|
     | 0 | Binary | Interprets an 8-bit binary transmission |
     | 1 | Echo | Echo the data received on one side to the other |
     | 3 | Suppress go ahead | Suppress go-ahead to signal data |
     | 5 | Status | Request the status of Telnet |
     | 6 | Timing Mark | Defines the timing marks |
     | 24 | Terminal Type | Set the terminal type |
     | 32 | Terminal Speed | Set the terminal speed |
     | 34 | Line Mode | Change the line mode |
  9. TELNET

     | Sender | Receiver | Description | Meaning |
     |--------|----------|-------------|---------|
     | WILL | DO | Sender wants to enable option. Receiver says OK. | Option is in effect |
     | WILL | DON'T | Sender wants to enable option. Receiver says no. | Option is not in effect |
     | DO | WILL | Sender wants receiver to enable option. Receiver says OK. | Option is in effect |
     | DO | WON'T | Sender wants receiver to enable option. Receiver says no. | Option is not in effect |
     | WON'T | DON'T | Sender wants to disable option. Receiver must say OK. | DON'T is the only valid response |
     | DON'T | WON'T | Sender wants receiver to disable option. Receiver must say OK. | WON'T is the only valid response |
  10. TELNET: Telnet suffers from security problems. Telnet requires a login name and password (when exchanging text). Example threat: a microcomputer connected to a LAN can easily eavesdrop using snooper software to capture a login name and the corresponding password, even if it is encrypted. For this reason, Telnet has been largely replaced by the more secure SSH protocol. Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form, so it can be understood.
  11. SECURE SHELL: SSH is a cryptographic network protocol for secure data communication, via a secure channel over an insecure network, between a server and a client. Secure Shell, originally created in 1995, is an alternative protocol to Telnet and Rlogin for connecting to Unix servers. Cryptography: anything written in a secret code or ciphers.
  12. SECURE SHELL (diagram: Client, SSH, Server): Normally data is transmitted between client and server over a line that is not secure, like the Internet. To transmit data over a secure line, we use Secure Shell.
  13. SECURE SHELL: SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-based virtual machine directly on the Internet. An SSH tunnel can provide a secure path over the Internet, through a firewall, to a virtual machine. Key benefits:
      1. Confidentiality - nobody can read the message content
      2. Authentication (of both the client and server) - protection against IP spoofing, IP source routing, DNS spoofing, password interception and eavesdropping
      3. Integrity - guarantee that data is unaltered in transit
  14. SECURE SHELL
      • Can handle secure remote logins (ssh)
      • Can handle secure file copy (scp) and drive secure FTP
      • Strong integrity checking via message authentication codes
      • Transfer a file from one computer to another
      • Better security through key exchange
      • Browsing the web through an encrypted proxy connection, using the SSH server as a proxy
      • Both ends authenticate themselves to the other end, or all traffic is encrypted
  15. SECURE SHELL
      • Can be considered a security risk by companies or governments who do not trust their users
      • SSH2 has inherent design flaws which make it vulnerable to man-in-the-middle attacks
      • Most modern servers and clients these days support SSH-2
  16. SECURE SHELL: SSH authenticates through:
      • Public key encryption (RSA or DSA) / private key: Each computer in the communication has two keys, a public key and a private key. The message is encrypted using the public key, which is available to anyone, but can only be decoded using the private key, which is known only by the destination computer. Though the keys are mathematically related, there is no way to figure out the private key using the public key.

      SSH uses the following ciphers for authentication:

      | Cipher | SSH1 | SSH2 |
      |--------|------|------|
      | RSA | yes | yes |
      | DSA | no | yes |

      Ciphers are usually secret codes / hidden writing.
  17. SECURE SHELL
      Difference between:
      • SSH1 - uses server and host keys to authenticate systems
      • SSH2 - more secure because it uses only host keys

      Difference between:
      • DSA is generally faster in decryption but slower for encryption
      • RSA is less secure than DSA but authenticates faster

      RSA was named after its 3 inventors. DSA stands for Digital Signature Algorithm.
  18. SECURE SHELL
      • Kerberos
        - Only a single login is required per session
        - The concept depends on a trusted third party, which the systems in the network use and which is trusted by all of them
        - It performs mutual authentication, where a client proves its identity to a server and a server proves its identity to the client
      • Host-based authentication: Host-based authentication in SSH uses simple trust: the host is certified as trusted, so the user is trusted even if no password is provided, and then the communication starts.
  19. Conclusion: Telnet is one of the protocols that help in network communications and is used to communicate with other computers and machines in a text-based manner, with the support of other programs. SSH will not help you with anything that compromises your host's security in some other way. Once an attacker has gained root access to a machine, he can then subvert or destroy SSH, too. If somebody malevolent has access to your home directory, then security is nonexistent. Other forms of security, or a firewall, can be added to the network system.
  20. Summary: Using Telnet to establish a connection to a host is simple; you can interact with the remote computer directly by typing simple commands. Normally the data transmission between client and server is not over a secure line, and to make it secure an administrator can implement Secure Shell, which can terminate a secure session using encryption. To sum it up in simple terms, the Telnet protocol supports user authentication but does not support the transport of encrypted data, unlike the Secure Shell protocol, which offers an alternate and secure method for server access. As a best practice, network professionals should always use SSH in place of Telnet whenever possible.
  21. ?
  22. Thank You!
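
The option negotiation tabulated on slides 8 and 9 can be read straight out of a byte stream, and whatever remains after it is the session's plain text. The following is an added example, not part of the original slides: the function names and the sample bytes are constructed for illustration, and the command byte values (IAC 255, WILL 251, WONT 252, DO 253, DONT 254, SB 250, SE 240) come from RFC 854 rather than from the deck.

```python
# Telnet command bytes (RFC 854) and the option codes from the slide 8 table.
IAC, SB, SE = 255, 250, 240
VERBS = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
OPTIONS = {0: "Binary", 1: "Echo", 3: "Suppress go ahead", 5: "Status",
           6: "Timing Mark", 24: "Terminal Type", 32: "Terminal Speed",
           34: "Line Mode"}

def parse_telnet(stream: bytes):
    """Split a Telnet byte stream into (negotiation events, plain NVT data)."""
    events, data, i, n = [], bytearray(), 0, len(stream)
    while i < n:
        if stream[i] != IAC:              # ordinary data byte
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                    # capture ends on a lone IAC
            break
        cmd = stream[i + 1]
        if cmd == IAC:                    # IAC IAC escapes a literal 0xFF
            data.append(IAC)
            i += 2
        elif cmd in VERBS:
            if i + 2 >= n:                # verb without its option byte
                break
            opt = stream[i + 2]
            events.append((VERBS[cmd], OPTIONS.get(opt, f"option {opt}")))
            i += 3
        elif cmd == SB:                   # subnegotiation runs until IAC SE
            j = i + 2
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            if j + 1 >= n:
                break
            i = j + 2
        else:                             # other two-byte command (NOP, GA, ...)
            i += 2
    return events, bytes(data)

def option_state(offer: str, reply: str) -> str:
    """Outcome of one offer/reply pair, following the slide 9 table."""
    agreed = {("WILL", "DO"), ("DO", "WILL")}
    refused = {("WILL", "DONT"), ("DO", "WONT"), ("WONT", "DONT"), ("DONT", "WONT")}
    if (offer, reply) in agreed:
        return "in effect"
    return "not in effect" if (offer, reply) in refused else "invalid reply"

# Constructed sample: server offers Echo and Suppress go ahead, requests Terminal Type, then prompts.
SAMPLE = bytes([255, 251, 1, 255, 251, 3, 255, 253, 24]) + b"login: "
```

Running `parse_telnet(SAMPLE)` separates the three negotiation commands from the prompt, which travels as readable ASCII: the absence of encryption noted on slide 3.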
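
Slides 13 and 15 depend on the server proving its identity to the client; in practice the client does this by comparing the host key it is shown against one it recorded earlier. The following is an added example, not part of the original slides: it computes the SHA256 fingerprint format that `ssh-keygen -l` prints and rejects a host key that does not match the pinned one. The function names are hypothetical and the key material is constructed bytes, not a real key.

```python
import base64
import hashlib
import hmac
import struct


def ssh_string(b: bytes) -> bytes:
    """Encode an SSH wire 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b


def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint of an OpenSSH public key line ('<algo> <base64> ...')."""
    algo, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != algo.encode():
        raise ValueError("algorithm label does not match the key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(pinned_fp: str, presented_line: str) -> bool:
    """True only if the presented host key hashes to the pinned fingerprint."""
    try:
        presented = fingerprint(presented_line)
    except (ValueError, struct.error):   # malformed line, base64 or blob
        return False
    return hmac.compare_digest(pinned_fp.encode(), presented.encode())


def constructed_rsa_line(modulus: bytes) -> str:
    """Build a public key line from constructed bytes (not a real key)."""
    blob = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
            + ssh_string(b"\x00" + modulus))
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"


# Constructed host keys: the one recorded on first contact and a different one
# presented later, as would happen if another machine answered for the host.
KNOWN = constructed_rsa_line(b"\xc3" * 256)
OTHER = constructed_rsa_line(b"\xd5" * 256)
PINNED = fingerprint(KNOWN)
```

A client that refuses to continue when `host_key_matches(PINNED, presented)` is false will not send credentials to a machine presenting a different host key.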