Telnet provides a remote terminal access protocol running over Transport Control Protocol. It allows a user at one site to establish a virtual circuit connection to a remote system and pass keystrokes from the local to the remote machine. Using Telnet, a user at one host can login to another host, appearing like a directly attached terminal at the remote system; this is TCP/IP’s definition of a virtual terminal.
Telnet uses a client/server structure and offers three basic services. First, it defines a network virtual terminal (NVT) that provides the interface to a remote system where the application process resides. Second, it provides a mechanism that allows the clients and servers to negotiate parameters. Finally, Telnet treats both ends of the connection symmetrically, meaning either end can act as the user or the host.
Telnet’s client/server model is very simple. The client (user) interacts with the user terminal to convert physical terminal characteristics to NVT. The server (host) interacts with the application process on the host system. It acts as a surrogate terminal handler so the remote terminal appears as the local terminal to the host system.
The baseline Telnet protocol specification is contained in STD 8/RFC 854, although there have been many extensions to the original protocol in other RFCs.
The accompanying visual shows a Telnet dialogue. In its simplest use, Telnet allows a user to log in to a remote system and appear just like any other local user.
A Telnet user initiates a connection to a remote host by typing Telnet and supplying either a host name or IP address. Optionally, the user can enter the application by using the Telnet command and then supplying the host name at the prompt. In the example shown on the visual, a user on one Internet host uses Telnet to connect to the host 22.214.171.124, a hypothetical Cisco router on the network. Once connected via Telnet, the user can do anything that they could ordinarily do if they were attached by a direct EIA-232 link or if they had dialed in by modem. The reason Telnet is considered a potential security hole should already be apparent: observe that by Telnetting into the router, a user has full access to the system configuration, as well as security and network topology information.
When finished, the user can use the logout command to log off of the host. The Telnet process will close the connection to the remote host and control returns to the local system.
|<mp3>http://podcast.hill-vt.com/podsnacks/2007q2/telnet.mp3%7Cdownload</mp3> | Telnet|