Telnet

hi to all

please kindly explain on how telnet works?...and would be possible to connect to another computer by using this method?...how?..i'm trying out an experimental network and would like to know on how hackers are able to do damage by just using telnet...if possible can you provide me of steps on how hackers are able to take advantage of this service?...thank you very much

Jhun –

Telnet is another old and forgotten tool to most common users.
In its day a long, long, long time ago it was used to access email and “Shell” accounts.
Now days yes you are correct it is one tool used by hackers to do destructive things. Plus as you mentioned, yes you can connect to another computer and access files or even participate in an old time BBS type connection. The newest fad with Telnet is “Rip Script” which adds animation mouse (point and click) action.

The animation is in no way as good and detailed as you may think, it’s rough as you may see on a Commodore or a 286 PC in DOS mode but it is a advancement for Telnet. ISP’s also use Telnet to access there mail server to clean out your mail box if there are large size files blocking and not allowing the mail to come down. This would also be good to pre-check your mail and delete if you think you may have a virus.

Telnet servers can be on Linux and Windows Server platforms.
You can install 3rd party server software from:

• Hilgraeve - www.hilgraeve.com/products/index.html
• Remotley Anywhere -http://www.remotelyanywhere.com/dmcq/telnet.asp
• Pragma - www.pragmasys.com/TelnetServer/
• Putty - www.chiark.greenend.org.uk/~sgtatham/putty/

There are more if you do a search on Google.

Client software can also be located at most of those sites. www.Symantec.com also offers a nice Telnet client in there Swiss army knife ProComm Plus (I use this), this offers a lot of nice options for Telnet, plus it offers a terminal program for connecting to CNR’s or just about anything else that requires connection via a comport or LPT port. Plus it features FAX and FTP.

Windows 3.11 WFWG thru the latest version of Windows includes a Telnet Client.
All can be accessed thru DOS (Command Window – Start/Run/Command/Enter)
At the prompt Type <Telnet / Enter> this (depending on OS) will open up a new client Window or will give you a Telnet Prompt. Either way you will need to type in your parameters to finish the connection. For Linux you need to open up the Console or Terminal Window, type in connection parameters.

The parameters would be something like: C:\>telnet Symantec.com:23 <enter>
Or you could include the IP address: C:\>telnet 192.168.0.1:23 <enter>
The colon 23 ( :23 ) represents the port number that the communication will connect on.
By default port 23 is reserved for Telnet, so if connecting on this port you can omit it.
But if you need to connect on any of the other 65,534 ports then set it to that.
So that’s how a hacker would attempt to make a connection to a computer using Telnet.
Now that I have mention that trick I don’t expect any one to hack on some unknown.
But if you are an Admin, then you must educate yourself and set up a test network and experience for yourself so you can better tighten down your network.

Here is a link that will connect you to a BBS system that still uses Telnet.

cth.dtdns.net.ht

There are more, I unable to locate my list right now.

This with any luck answer you quandary, and get you headed in the right direction.

Good Luck.

thanks so much for the info. i never imagined that it could be this much info..anyway i will try out telnet on my experimental network wherein i would like to find how hackers are able to embed (corrrect me if i'm wrong) trojans/viruses or even make changes within the system structure by just using telnet. this site really has it all. thank you very much.

JHun –

When hackers connect they will not have access to a GUI and make changes as if you would have a remote control program such as pcAnywhere or Go2MyPC.

But what they would do is make the connection then transfer hosts file such as NetBus, Back Orifice or any other backdoor Trojan, these will then allow the hacker to make a connection then they will be able to have GUI like connection.

What I mean GUI like is, they have a window that offers a slew of commands to execute as well as browse that would allow them to browse your computer’s tree.
There are some Trojans that do offer a full GUI, they see your desktop just as you do, they see what your typing or doing.

When you experiment pay attention to what ports are open – before/during and after the experiment this give you a better concept of what’s going on. Make sure you close these ports on your firewall inbound and out.

With all that please remember Firewall.cx or my self does not encourage hacking of others but we do encourage education.

Best Regards.

thanks jack for the info. i guess your the master when it comes to telnet. ...i really learn alot. and don't worry i'm making sure that i'm applying all that i learned for study purposes only. i would like to be a network security specialist just like your security specialist sahirh... that's why i'm starting off with this topic since although this kind of service maybe old, still it is being used by hackers in compromising the network. hope that i'm starting off in the right foot. again many thanks jack for that very informative post. ...by the way are there also softwares that offer monitoring of any network activity (e.g. ports open, inbound and outbound activities)...any suggestions are mostly appreciated....thank you very much

lets say i was trying to log into my fathers computer in his office using telnet, would i need a domain logon/pass?. also im not kidding i really am trying to get into my dads comp.