Microsoft's Telenet

[TheSpecialist]

Telnet is a security threat in general. Anything plain text should never accept a password.

Should never accept a password? So you won't mind me fooling around your account here then?

[jinxy]

Explain to me what "NTLM" is? I usually don't just go into my box and just turn everthing off that i don't need, cuz if i did that i wouldn't have a box anymore, knowing me i would end up shutting something off that wasn't suppose to be turned off.

This will explane NTLM: http://www.innovation.ch/java/ntlm.html

Plenty of threads here that detail what services can safely be turned off, have a browes around.

[Modderfokker]

Telnet in general by itself is not a security threat, windows does not include a telnet server by default. But plain text protocols like telnet are extremely more at risk from man-in-the-middle attacks. But if you dont use it no use.

[HTRegz]

Hey Hey,

I can't believe how long this thread has gone on for and how no one has really said anything... There were one or two original comments and then everyone else regurgitated the same thing. The misinformation/bad representation of the information has to be the worst part

Telnet is a security threat in general. Anything plain text should never accept a password.

I usually don't have a beef with what gore says.... but this was a little much. While it's true that we shouldn't have any passwords traversing the network in plain text... Most major protocols do... POP3, SMTP, HTTP... This is why we have secure versions of those protocols however they aren't taking off very well... Millions of passwords travel in the form of electrical and optical pulses every day.... The majority of them are plaintext. If we were to start encrypting everything that passed over the internet we'd eventually notice a speed decrease.

yes telnet is a security risk. You can block the port telnet uses(23?) with any decent firewall, and not use it. You could use something like SSH or Putty to do your telnet stuff.

PuTTY is simply a SSH/Telnet client... It doesn't even warrant mentioning here. As for the firewall why mention it? You could disable the service much easier

The only remaining need for telnet is in older network hardware, routers and ****.

Instead of using your browser, you had to telnet to the router.


Oh yeah... Wargames too.


Telnet is not a security hole. The telnet server is.

Older network hardware eh? I could show you a lot of hardware that still uses telnet.

As far as the browser thing.... real routers may have a Web Interface, but very few people use them... they are slow and bulky... Most people telnet into their routers. The idea of using a Website to configure a 'router' has been brought on by the home router generation of crap.

How does telnet benefit a wargame?

The telnet server is not a security hole... As long as it's up-to-date there's nothing wrong with it.... If you are looking for a security hole it would be the transmission of clear text passwords (or NTLM by default (in Windows) as Tedob1 pointed out)... this has nothing to do with the server... It's the protocol.

MS telnet is configured to use NTLM authentication by default not plain text so you must be authenticated on the network before you can use it. but the option is in the server config. to allow plain test. if your behind a firewall in a trusted environment there is no problem with using telnet. with NTLM only those users that have permissions to logon to a computer running a telnet server can do so.

This still presents problems... Anyone with a copy of l0phtcrack could quite easily break the NTLM and have your username, password and domain. You also have to consider that anything after the username and password is still sent in plain text.

There really is no longer a telnet client in XP, it is integrated into hyperterminal, which has this flaw-

Code:

C:\WINDOWS\system32>telnet

Welcome to Microsoft Telnet Client

Escape Character is 'CTRL+]'

Microsoft Telnet> quit

C:\WINDOWS\system32>dir telnet.exe
 Volume in drive C has no label.
 Volume Serial Number is 6055-A700

 Directory of C:\WINDOWS\system32

08/04/2004  12:56 AM            75,264 telnet.exe
               1 File(s)         75,264 bytes
               0 Dir(s)   1,037,418,496 bytes free

C:\WINDOWS\system32>

It definately has a telnet client.

Telnet in general by itself is not a security threat, windows does not include a telnet server by default

Code:

iexplore           2800   8  28  725  31604     0:00:34.562     3:54:05.500
cmd                2968   8   1   31   1912     0:00:00.109     0:03:39.218
mmc                2260   8   9  250   7624     0:00:00.671     0:00:57.125
tlntsvr            3740   8   4  103   1068     0:00:00.046     0:00:37.921
pslist             3844  13   2   91    752     0:00:00.046     0:00:00.015

C:\WINDOWS\system32>dir tlntsvr.exe
 Volume in drive C has no label.
 Volume Serial Number is 6055-A700

 Directory of C:\WINDOWS\system32

08/04/2004  12:56 AM            73,216 tlntsvr.exe
               1 File(s)         73,216 bytes
               0 Dir(s)   1,037,352,960 bytes free

Looks like there's a telnet server too.

A Default install of Windows will have both a client and a server. I find the client quite handy. I use it to connect to mail servers, grab http headers and raw html source code, among other uses. I occasionally use it

There's really only one answer to this question.... It's not:
Telnet is secure.
Telnet isn't secure.
The Telnet client is secure.
The Telnet client isn't secure.
The Telnet server is secure.
The Telnet server isn't secure

The answer is... 'Is telnet secure enough for your needs?'

You have to weigh the facts.

1. There are two major terminal protocoles (Telnet and SSH)
2. Telnet will be quicker (although this speed most likely won't be noticed with most of today's computers and internet connections) because it doesn't require authentication.
3. A Telnet Client is available by default on most, if not all, modern operating systems.
4. Telnet, by definition, transmits in clean text... anyone with a sniffer can view this data.
5. If you are using NTLM hashes you risk the chance of someone sniffing and quite easily cracking them. They'll then have your windows Username and password.
6. There are flaws in both the telnet and ssh servers. Lately, because of it's popularity and because it's younger, ssh has had more vulnerabilities discovered.

Now look at your purposes.

1. Am I on a Trusted network (my own vlan, or a home network).
2. Does my communication have to traverse the internet.
3. Am I using a VPN into a corporate environment (Data is already encrypted by the VPN). If so... what's on the other end of the VPN... is there a segment that I don't trust in the network.
4. Do I really need either of the services.

Anyways... that should beat this thread to death with a rather large stick.

Peace,
HT

[Tedob1]

Originally posted here by HTRegz

Now look at your purposes.

1. Am I on a Trusted network (my own vlan, or a home network).

HT how come my trusted environment (people & network) gets a guy with a copy of l0phtcrack and your trusted network doesn't?

[HTRegz]

Originally posted here by Tedob1
HT how come my trusted environment (people & network) gets a guy with a copy of l0phtcrack and your trusted network doesn't?

Hey Hey,

Sorry, it didn't come out how it was supposed to... I was just trying to point to point out that NTLM just adds a false sense of security... In a real trusted environment it wouldn't matter if you used NTLM or plaintext because both should be secure. So plaintext is fine.... if you are relying on NTLM to protect your username and password... you are just fooling yourself....

That was the point I was trying to get across.

Peace,
HT

[Tetrismaster101]

No one has explained to me what "NTLM" means

[hiddeninclouds]

Originally posted here by Tetrismaster101
No one has explained to me what "NTLM" means

Originally posted here by jinxy
This will explane NTLM: http://www.innovation.ch/java/ntlm.html

Plenty of threads here that detail what services can safely be turned off, have a browes around.

*takes out spoon

Google is your friend: www.google.com
http://www.google.com/search?hl=en&q...=Google+Search

http://www.geocities.com/rozmanov/ntlm/