Microsoft's Telenet
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Microsoft's Telenet

  1. #1

    Question Microsoft's Telenet

    Can Microsoft's Telnet become a security threat to Windows XP users? Is there a way to firewall it so that in can not be used as an exploit?

  2. #2
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177

    Re: Microsoft's Telenet

    Originally posted here by Tetrismaster101
    Can Microsoft's Telnet become a security threat to Windows XP users?


    Telnet is a security threat in general. Anything plain text should never accept a password.






    Is there a way to firewall it so that in can not be used as an exploit?

    .... Are you talking about using it or...?



    I would worry about using it for anything other than something which requires Telnet and telnet only. Which I doubt anything does anymore unless yuo have some shitty legacy application with no SSH support.

    As for exploits, it is an application and ALL applications can be hacked / cracked one way or another because it's code, and anything written and compiled has an error somewhere.


    Windows XP, the firewall it comes with is crap and there was recently another security flaw found in it which took half a year to fix, I wouldn't recommend it at all.

    You really should be a bit more descriptive. I interpreted your question 9 ways, and I'm not going into each way.

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    yes telnet is a security risk. You can block the port telnet uses(23?) with any decent firewall, and not use it. You could use something like SSH or Putty to do your telnet stuff.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    Banned
    Join Date
    Sep 2004
    Posts
    145
    The only remaining need for telnet is in older network hardware, routers and ****.

    Instead of using your browser, you had to telnet to the router.


    Oh yeah... Wargames too.


    Telnet is not a security hole. The telnet server is.

  5. #5
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    So pretty much the same thing I said worded differently?

  6. #6
    Senior Member
    Join Date
    Apr 2004
    Posts
    228
    You can actualy switch off Telnet Service on Windows. Go to

    "Control Panel - Administrative Tools - Services"

    Find "Telnet Service" in there,
    Rightclick on it and in the "Propeties - Startup Type"
    change the field to "Manual" or "Disabled"

    Hope it helps you

    Telnet is a part of TCP/IP protocols and can become a threat to you. People can use it to Log on to your PC from the distance and actualy overtake it. They can also use Telnet option to conect to other ports of your PC except port 23. If I'm not mistaken, Telneting to port 15 will give an attacker the infor about your PC, e.g. which operating system are you runing and some of the services. I think that most of the firewalls heve these two ports blocked as default same as most of the others.
    Don\'t post if you\'ve got nothing constructive to say. Flooding is annoying

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    We really need more information from the requestor to properly understand the question. If he is talking about the telnet client in XP, than yes, it has a major flaw that had a patch released just last week.

    There really is no longer a telnet client in XP, it is integrated into hyperterminal, which has this flaw-

    http://www.microsoft.com/technet/sec.../ms04-043.mspx

  8. #8
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    Originally posted here by nightcat
    You can actualy switch off Telnet Service on Windows. Go to

    "Control Panel - Administrative Tools - Services"

    Find "Telnet Service" in there,
    Rightclick on it and in the "Propeties - Startup Type"
    change the field to "Manual" or "Disabled"

    Hope it helps you

    Telnet is a part of TCP/IP protocols and can become a threat to you. People can use it to Log on to your PC from the distance and actualy overtake it. They can also use Telnet option to conect to other ports of your PC except port 23. If I'm not mistaken, Telneting to port 15 will give an attacker the infor about your PC, e.g. which operating system are you runing and some of the services. I think that most of the firewalls heve these two ports blocked as default same as most of the others.
    Good tip. I wonder what reason a typical user would have for enabling this service? I keep it disabled on all my boxes.

    Happy Holidays, -ah f#$^% it -enough of the policaly correct BS - Merry Christmas,
    -D
    If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
    -- former White House cybersecurity adviser Richard Clarke

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    MS telnet is configured to use NTLM authentication by default not plain text so you must be authenticated on the network before you can use it. but the option is in the server config. to allow plain test. if your behind a firewall in a trusted environment there is no problem with using telnet. with NTLM only those users that have permissions to logon to a computer running a telnet server can do so.

    if you have no use for it... turn it off. just like any other service.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  10. #10
    Explain to me what "NTLM" is? I usually don't just go into my box and just turn everthing off that i don't need, cuz if i did that i wouldn't have a box anymore, knowing me i would end up shutting something off that wasn't suppose to be turned off.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •