Encrypted Telnet Session
Results 1 to 9 of 9

Thread: Encrypted Telnet Session

  1. #1
    Member
    Join Date
    Apr 2003
    Posts
    51

    Question Encrypted Telnet Session

    Dear Ones:
    How to secure the telnet session against the sniffer softwares in windows 2k server, please explain briefly
    regards
    prem

  2. #2
    Member
    Join Date
    Nov 2002
    Posts
    80
    Try using a secure shell server instead, telnet is insecure by design as it sends data unencrypted including passwords.

    Googled secure shell serves for you
    Google seach for secure shell servers

    If you are the client and not the server it is even easier, just get a secure shell client such as 'putty' .

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    If you are the client and not the server it is even easier, just get a secure shell client such as 'putty' .
    One thing I wondered but have not had time yet to test...

    If you use a secure client such as putty... and you connect to telnet.
    Your session will still be clear text, right?

    That would make sense, becuase the keys are never set and the telnet sever wouldn't know what to do with the encyrpted data.

  4. #4
    Member
    Join Date
    Nov 2002
    Posts
    80
    Yes, it would still be plain text , you do have to connect using the secure shell (SSH) protocol to the SSH port (22).
    You can use putty just as a telnet client, but it would still be insecure, sorry I can see how I made that unclear.

    If you actualy tried to connect using the secure shell protcol but set the port to 23 (telnet) not 22 (ssh) I think it would probably fail to connect.

  5. #5
    Member
    Join Date
    Apr 2003
    Posts
    51
    How to configure SSH in win2k server??????

    Even if it is in SSH utilities like CAIN can decode it, how to prevent that???

  6. #6
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,209
    Are you talking about configuring your Windows 2000 Server to accept an SSH connection? As far as I know, you're going to have to get a third-party program to set up an SSH server. I prefer Van Dyke's VShell. I currently have it configured on one of my Windows 2003 Servers, and I'm in the process of setting up the *nix Beta of VShell on a Red Hat box. I've been very happy with it.

    AJ

  7. #7
    Member
    Join Date
    Nov 2002
    Posts
    80
    If some program such as CAIN (think I found the right thing) are decoding enrypted data it is usually by brute force, this takes a long time to do.

    I expect there is a way of getting SSH to use longer ecryption keys, I don't have any experience with doing that I am afraid. But the general rule is the longer the key the longer it takes to crack, it is just a trade off between time/security and convenience.

  8. #8
    Member
    Join Date
    Apr 2003
    Posts
    51
    while i was checking my password strength Cain in P4 512 megs system took 33 hours to crack this password the password i choosed was kLing!@(), it was a NTLM Hash

  9. #9
    Junior Member
    Join Date
    Mar 2003
    Posts
    4
    Why are you using telnet? You could just as easily use e-mail, FTP, or VPN, depending on the intended use of the connection.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •