Telnet/SSH


Tim Jansen, Mike Stanislawski

TELNET is short for Terminal Network
  • Enables the establishment of a connection to a remote system, so that the local terminal appears to be the terminal at the remote location.
  • Usually establishes its connection on port 23
Local log-in
  • Log-in is performed with a username and a password.
  • Keystrokes accepted at the terminal driver and passed to the operating system.
  • Operating system interprets the keystrokes and performs an action
Remote Log-in
  • Terminal Driver accepts keystrokes and passes them to the TELNET client
  • Client transforms the characters into network virtual terminal (NVT) characters and delivers them to the TCP/IP protocol stack
  • The characters travel across the network to the server’s TCP/IP stack and then to the TELNET server, which decodes the NVT characters
  • The decoded characters are passed to a pseudoterminal driver because the Operating System is only designed to receive characters from a terminal driver.
  • NVT uses two sets of characters, one for data and the other for control
  • Data characters are represented with the same 7 lowest-order bits as ASCII, and the highest-order bit is 0.
  • Control characters have the highest-order bit set to 1
  • The same connection is used for sending both data and control characters.
  • Control characters are embedded in the data stream.
  • A control character is recognized by a preceding character of 11111111; this is the IAC (interpret as control) character.
  • Options are extra features available to a user with a more sophisticated terminal.
  • Simple terminals use default features.
  • Option negotiation entails using four control characters, WILL, WONT, DO, DONT
  • WILL is sent as a question: “Will I enable the option?”
  • DO is sent as a request: “Do enable the option”
  • WONT is sent to say “I won’t use this option anymore”
  • DONT is sent to say “Don’t use it anymore”
  • Default Mode – used if no other modes are invoked.
  • Character Mode – each character is sent to the server, but the server may delay sending back the information. Creates overhead because 3 TCP segments are sent per character.
  • Line Mode – line editing is done by the client, and then sent as a whole line to the server.
  • TELNET traffic is unencrypted, making it very easy to intercept.
  • Most implementations have no authentication to ensure communication is carried out.
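
The in-band signalling described above, as an added example that is not part of the original slides: a parser that separates NVT data from IAC command sequences in a captured TELNET byte stream. The function name and the sample capture are constructed for illustration (both directions of the session are merged for brevity); the readable login text in the output is the practical meaning of "unencrypted".

```python
# Telnet command bytes (RFC 854). Every command is announced by IAC = 0xFF.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}


def parse_telnet(stream):
    """Split raw TELNET bytes into (data, events); events are (verb, option) pairs."""
    data, events = bytearray(), []
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:              # ordinary NVT data byte
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                    # capture ends on a lone IAC
            break
        cmd = stream[i + 1]
        if cmd == IAC:                    # IAC IAC is an escaped literal 0xFF
            data.append(IAC)
            i += 2
        elif cmd in VERBS:                # IAC <WILL|WONT|DO|DONT> <option>
            if i + 2 >= n:                # capture ends before the option byte
                break
            events.append((VERBS[cmd], stream[i + 2]))
            i += 3
        elif cmd == SB:                   # subnegotiation: IAC SB <option> ... IAC SE
            # Simplified: does not unescape IAC IAC inside the payload.
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                break
            events.append(("SB", stream[i + 2] if i + 2 < end else None))
            i = end + 2
        else:                             # other two-byte commands (NOP, AYT, ...)
            events.append(("CMD", cmd))
            i += 2
    return bytes(data), events


# Constructed sample capture: option 1 is ECHO, option 24 is TERMINAL-TYPE.
SAMPLE = (bytes([IAC, WILL, 1, IAC, DO, 24])
          + b"login: alice\r\nPassword: hunter2\r\n"
          + bytes([IAC, WONT, 1]))

if __name__ == "__main__":
    text, negotiation = parse_telnet(SAMPLE)
    print(negotiation)
    print(text.decode("ascii"))
```
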
TELNET Today
  • TELNET has in the past few years been overtaken by remote login
  • It is still used for tasks such as debugging network services.
  • SSH is short for Secure Shell
  • Unlike TELNET, SSH uses a form of encryption
  • The encryption is public-key
  • SSH is also a remote login protocol
  • It can be used for file transfer with SFTP or SCP
  • Listens on standard TCP port 22
Uses of SSH
  • For remote login
  • Executing single lines on a remote host
  • Copying files from a local server to a remote host
  • As a secure alternative to FTP
Transport Layer
  • Handles initial key exchange
  • Sets up encryption and compression
  • Also arranges for key re-exchange after an hour has passed or 1 GB has been transferred.
User Authentication Layer
  • Handles client authentication
  • Password authentication
  • Public key authentication
  • And others
Connection Layer
  • Defines channel requests
  • Multiple channels can be hosted at once
  • Direct-TCP/IP handles client-to-server forwarded connections
  • Forwarded-TCP/IP handles server-to-client forwarded connections
Security
  • Defends against
    • IP spoofing, where a remote host sends out packets which pretend to come from another, trusted host. SSH even protects against a spoofer on the local network, who can pretend he is your router to the outside.
    • IP source routing, where a host can pretend that an IP packet comes from another, trusted host.
    • DNS spoofing, where an attacker forges name server records
Security cont.
  • Also protects against
    • Interception of cleartext passwords and other data by intermediate hosts
    • Manipulation of data by people in control of intermediate hosts
  • In short, SSH trusts nothing
  • SSH is secure provided the encryption option “none” is not chosen
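
A configuration check for two points made in the slides, the key re-exchange after an hour or 1 GB and the encryption option “none”, as an added example that is not part of the original presentation. It assumes OpenSSH-style configuration text using the `Ciphers` and `RekeyLimit` keywords, with no `Match` or `Include` handling; the function names and both sample configurations are constructed.

```python
import re

SIZE = {"": 1, "k": 1024, "m": 1024**2, "g": 1024**3}
TIME = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
MAX_BYTES, MAX_SECONDS = 1024**3, 3600   # the slide's "1GB" and "an hour"


def to_bytes(tok):
    m = re.fullmatch(r"(\d+)([kmg]?)", tok.lower())
    return int(m.group(1)) * SIZE[m.group(2)] if m else None


def to_seconds(tok):
    tok = tok.lower()
    if not re.fullmatch(r"(\d+[smhdw]?)+", tok):
        return None                      # e.g. "none" means no time-based rekey
    return sum(int(n) * TIME[u] for n, u in re.findall(r"(\d+)([smhdw]?)", tok))


def audit(config_text):
    """Return a list of findings; an empty list means both checks pass."""
    findings, rekey = [], None
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if not parts:
            continue
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "ciphers" and not value.startswith("-"):
            if "none" in [c.strip().lower() for c in value.lstrip("+^").split(",")]:
                findings.append("Ciphers offers 'none': session would be unencrypted")
        elif key == "rekeylimit" and rekey is None:    # keep the first occurrence
            rekey = value.split()
    if rekey is None:
        findings.append("RekeyLimit not set: no time-based rekey configured")
        return findings
    size = to_bytes(rekey[0]) if rekey else None       # "default" yields None
    secs = to_seconds(rekey[1]) if len(rekey) > 1 else None
    if size is not None and size > MAX_BYTES:
        findings.append(f"RekeyLimit data threshold {rekey[0]} exceeds 1G")
    if secs is None or secs > MAX_SECONDS:
        findings.append("RekeyLimit time threshold missing or longer than 1h")
    return findings


# Constructed sample configurations: weak setting beside the corrected one.
WEAK = "# constructed sample\nCiphers aes256-ctr,none\nRekeyLimit 4G\n"
HARDENED = "Ciphers aes256-gcm@openssh.com,aes256-ctr\nRekeyLimit 1G 1h\n"

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg))
```
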