- Posts: 356
- Thank you received: 0
Telnet
20 years 4 months ago #4252
by jhun
hi to all
please kindly explain on how telnet works?...and would be possible to connect to another computer by using this method?...how?..i'm trying out an experimental network and would like to know on how hackers are able to do damage by just using telnet...if possible can you provide me of steps on how hackers are able to take advantage of this service?...thank you very much
please kindly explain on how telnet works?...and would be possible to connect to another computer by using this method?...how?..i'm trying out an experimental network and would like to know on how hackers are able to do damage by just using telnet...if possible can you provide me of steps on how hackers are able to take advantage of this service?...thank you very much
20 years 4 months ago #4258
by Jack
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
Replied by Jack on topic Re: Telnet
Jhun –
Telnet is another old and forgotten tool to most common users.
In its day a long, long, long time ago it was used to access email and “Shell” accounts.
Now days yes you are correct it is one tool used by hackers to do destructive things. Plus as you mentioned, yes you can connect to another computer and access files or even participate in an old time BBS type connection. The newest fad with Telnet is “Rip Script” which adds animation mouse (point and click) action.
The animation is in no way as good and detailed as you may think, it’s rough as you may see on a Commodore or a 286 PC in DOS mode but it is a advancement for Telnet. ISP’s also use Telnet to access there mail server to clean out your mail box if there are large size files blocking and not allowing the mail to come down. This would also be good to pre-check your mail and delete if you think you may have a virus.
Telnet servers can be on Linux and Windows Server platforms.
You can install 3rd party server software from:
• Hilgraeve - www.hilgraeve.com/products/index.html
• Remotley Anywhere -http://www.remotelyanywhere.com/dmcq/telnet.asp
• Pragma - www.pragmasys.com/TelnetServer/
• Putty - www.chiark.greenend.org.uk/~sgtatham/putty/
There are more if you do a search on Google.
Client software can also be located at most of those sites. www.Symantec.com also offers a nice Telnet client in there Swiss army knife ProComm Plus (I use this), this offers a lot of nice options for Telnet, plus it offers a terminal program for connecting to CNR’s or just about anything else that requires connection via a comport or LPT port. Plus it features FAX and FTP.
Windows 3.11 WFWG thru the latest version of Windows includes a Telnet Client.
All can be accessed thru DOS (Command Window – Start/Run/Command/Enter)
At the prompt Type <Telnet / Enter> this (depending on OS) will open up a new client Window or will give you a Telnet Prompt. Either way you will need to type in your parameters to finish the connection. For Linux you need to open up the Console or Terminal Window, type in connection parameters.
The parameters would be something like: C:\>telnet Symantec.com:23 <enter>
Or you could include the IP address: C:\>telnet 192.168.0.1:23 <enter>
The colon 23 ( :23 ) represents the port number that the communication will connect on.
By default port 23 is reserved for Telnet, so if connecting on this port you can omit it.
But if you need to connect on any of the other 65,534 ports then set it to that.
So that’s how a hacker would attempt to make a connection to a computer using Telnet.
Now that I have mention that trick I don’t expect any one to hack on some unknown.
But if you are an Admin, then you must educate yourself and set up a test network and experience for yourself so you can better tighten down your network.
Here is a link that will connect you to a BBS system that still uses Telnet.
cth.dtdns.net.ht
There are more, I unable to locate my list right now.
This with any luck answer you quandary, and get you headed in the right direction.
Good Luck.
Telnet is another old and forgotten tool to most common users.
In its day a long, long, long time ago it was used to access email and “Shell” accounts.
Now days yes you are correct it is one tool used by hackers to do destructive things. Plus as you mentioned, yes you can connect to another computer and access files or even participate in an old time BBS type connection. The newest fad with Telnet is “Rip Script” which adds animation mouse (point and click) action.
The animation is in no way as good and detailed as you may think, it’s rough as you may see on a Commodore or a 286 PC in DOS mode but it is a advancement for Telnet. ISP’s also use Telnet to access there mail server to clean out your mail box if there are large size files blocking and not allowing the mail to come down. This would also be good to pre-check your mail and delete if you think you may have a virus.
Telnet servers can be on Linux and Windows Server platforms.
You can install 3rd party server software from:
• Hilgraeve - www.hilgraeve.com/products/index.html
• Remotley Anywhere -http://www.remotelyanywhere.com/dmcq/telnet.asp
• Pragma - www.pragmasys.com/TelnetServer/
• Putty - www.chiark.greenend.org.uk/~sgtatham/putty/
There are more if you do a search on Google.
Client software can also be located at most of those sites. www.Symantec.com also offers a nice Telnet client in there Swiss army knife ProComm Plus (I use this), this offers a lot of nice options for Telnet, plus it offers a terminal program for connecting to CNR’s or just about anything else that requires connection via a comport or LPT port. Plus it features FAX and FTP.
Windows 3.11 WFWG thru the latest version of Windows includes a Telnet Client.
All can be accessed thru DOS (Command Window – Start/Run/Command/Enter)
At the prompt Type <Telnet / Enter> this (depending on OS) will open up a new client Window or will give you a Telnet Prompt. Either way you will need to type in your parameters to finish the connection. For Linux you need to open up the Console or Terminal Window, type in connection parameters.
The parameters would be something like: C:\>telnet Symantec.com:23 <enter>
Or you could include the IP address: C:\>telnet 192.168.0.1:23 <enter>
The colon 23 ( :23 ) represents the port number that the communication will connect on.
By default port 23 is reserved for Telnet, so if connecting on this port you can omit it.
But if you need to connect on any of the other 65,534 ports then set it to that.
So that’s how a hacker would attempt to make a connection to a computer using Telnet.
Now that I have mention that trick I don’t expect any one to hack on some unknown.
But if you are an Admin, then you must educate yourself and set up a test network and experience for yourself so you can better tighten down your network.
Here is a link that will connect you to a BBS system that still uses Telnet.
cth.dtdns.net.ht
There are more, I unable to locate my list right now.
This with any luck answer you quandary, and get you headed in the right direction.
Good Luck.
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
20 years 4 months ago #4269
by jhun
Replied by jhun on topic Re: Telnet
thanks so much for the info. i never imagined that it could be this much info..anyway i will try out telnet on my experimental network wherein i would like to find how hackers are able to embed (corrrect me if i'm wrong) trojans/viruses or even make changes within the system structure by just using telnet. this site really has it all. thank you very much.
20 years 4 months ago #4281
by Jack
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
Replied by Jack on topic Re: Telnet
JHun –
When hackers connect they will not have access to a GUI and make changes as if you would have a remote control program such as pcAnywhere or Go2MyPC.
But what they would do is make the connection then transfer hosts file such as NetBus, Back Orifice or any other backdoor Trojan, these will then allow the hacker to make a connection then they will be able to have GUI like connection.
What I mean GUI like is, they have a window that offers a slew of commands to execute as well as browse that would allow them to browse your computer’s tree.
There are some Trojans that do offer a full GUI, they see your desktop just as you do, they see what your typing or doing.
When you experiment pay attention to what ports are open – before/during and after the experiment this give you a better concept of what’s going on. Make sure you close these ports on your firewall inbound and out.
With all that please remember Firewall.cx or my self does not encourage hacking of others but we do encourage education.
Best Regards.
When hackers connect they will not have access to a GUI and make changes as if you would have a remote control program such as pcAnywhere or Go2MyPC.
But what they would do is make the connection then transfer hosts file such as NetBus, Back Orifice or any other backdoor Trojan, these will then allow the hacker to make a connection then they will be able to have GUI like connection.
What I mean GUI like is, they have a window that offers a slew of commands to execute as well as browse that would allow them to browse your computer’s tree.
There are some Trojans that do offer a full GUI, they see your desktop just as you do, they see what your typing or doing.
When you experiment pay attention to what ports are open – before/during and after the experiment this give you a better concept of what’s going on. Make sure you close these ports on your firewall inbound and out.
With all that please remember Firewall.cx or my self does not encourage hacking of others but we do encourage education.
Best Regards.
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
20 years 4 months ago #4285
by jhun
Replied by jhun on topic Re: Telnet
thanks jack for the info. i guess your the master when it comes to telnet. ...i really learn alot. and don't worry i'm making sure that i'm applying all that i learned for study purposes only. i would like to be a network security specialist just like your security specialist sahirh... that's why i'm starting off with this topic since although this kind of service maybe old, still it is being used by hackers in compromising the network. hope that i'm starting off in the right foot. again many thanks jack for that very informative post. ...by the way are there also softwares that offer monitoring of any network activity (e.g. ports open, inbound and outbound activities)...any suggestions are mostly appreciated....thank you very much
Time to create page: 0.137 seconds