Telnet is an early network protocol that allows text-based access to remote systems but lacks security features. It works at the application layer and provides bidirectional interactive text communication through a virtual terminal connection. SSH was developed as a secure replacement for Telnet, supporting encryption, authentication, and integrity to prevent eavesdropping and spoofing. It uses public/private key cryptography to securely transmit data and authenticate systems. While still used occasionally, SSH is now generally preferred over Telnet for remote access due to its enhanced security.

2. TELNET
Telnet is a combined words of Telecommunications Network, and is one
of the major network protocols used on the Internet, telnet is a textbased protocol, works on the application layer of the OSI model, is a
general-purpose client-server application program, it is one of the
earliest network protocols, which was developed in 1969 and has
evolved over the years to be a robust protocol.
The original purpose of telnet was to have an easy interface for terminals
to interact with one another, using relatively simple command structures
and accessible interfaces.
It provides a bidirectional interactive text-oriented communication
facility via virtual connection.
Once the telnet connection is established users can perform authorize
function on a the server as telnet lets the client and server negotiate
options before or during the use of the service.

3. TELNET







Can be used to send and receive information
Administration of network elements
Supports user authentication
Collaboration of multiple users
Can be used to send and receive information
Most OS include an Application layer Telnet client
All Telnet clients and servers implement a network virtual
terminal.

4. TELNET





Display only text and numbers
No graphics
No color
No mouse (no menus, check boxes, etc)
Do not support the transport of encrypted data

5. TELNET
UserName
authentication
Password
User
granted access
TelNet Server

6. TELNET
Network Virtual Terminal is responsible for translating
operating system-specific instructions (keyboard codes or
display codes) into a consistent set of codes that all Telnet
clients and servers can transmit and receive.
The NVT is what makes Telnet clients and servers capable of
communicating with each other regardless of which operating system
they are using and provides a standard communication base, comprised
of:
7 bit ASCII characters to which the extended ASCII code is added
Three control characters
Five optional control characters
A set of basic control signals

7. TELNET
An online game, a text-based nature of telnet in ASCII char; plain, classic but still fun

8. TELNET
This is a sample telnet session of a network host
running virtually on a terminal in Win7 wherein the
communication is bidirectional (2-way) the host
displays text only, and then awaits an Enter key
press to continue

9. TELNET
Code
Option
Description
0
Binary
Interprets an 8-bit binary transmission
1
Echo
Echo the data receive on 1 side to the other
3
Suppress go ahead
Suppress go-ahead to signal data
5
Status
Request the status of Telnet
6
Timing Mark
Defines the timing marks
24
Terminal Type
Set the terminal type
32
Terminal Speed
Set the terminal speed
34
Line Mode
Change the line mode

10. TELNET
Sender
WILL
WILL
Direction
Receiver
Description
Meaning
DO
Sender wants to enable option.
Receiver says OK.
Option is in effect
DON’T
Sender wants to enable option.
Receiver says no.
Option is not in effect
DO
WILL
Sender wants receiver to enable option.
Receiver says OK.
Option is in effect
DO
WON’T
Sender wants receiver to enable option.
Receiver says no.
Option is not in effect
WON’T
DON’T
Sender wants to disable option.
Receiver must say OK.
DONT is only valid response
DONT
WON’T
Sender wants receiver to disable option.
Receiver must say OK.
WONT is only valid response

11. TELNET
TELNET suffers from security problems.
TELNET requires a login name and password (when exchanging text).
Ex.threat :
A microcomputer connected to a LAN can easily eavesdrop using
snooper software to capture a login name and the corresponding
password even if it is encrypted. For this reason, Telnet has been
largely replaced by the more secure SSH protocol.
Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people.
Decryption is the process of converting encrypted data back into its original form, so it can be understood

12. SECURE SHELL
SSH is a cryptographic network protocol for secure data
communication, via a secure channel over an unsecure
network of a server and a client.
Secure Shell is an alternative protocol to TelNet and
Rlogin which connects to Unix servers originally created
in 1995.
Cryptography – anything written in a secret code or cyphers

13. SECURE SHELL
Client
Server
SSH
Normally a data is transmitted between client and server but not in a
secure line, like internet
To transmit data in a secure line, we use Secure SHell

14. SECURE SHELL
SSH is important in cloud computing to solve connectivity problems,
avoiding the security issues of exposing a cloud-based virtual machine
directly on the Internet.
An SSH tunnel can provide a secure path over the Internet, through a
firewall to a virtual machine
Key Benefits
1. Confidentiality - nobody can read the message content
2. Authentication (of both the client and server) - protection against IP
spoofing, IP source routing, DNS spoofing, password interception and
eavesdropping
3. Integrity - guarantee that data is unaltered on transit
Cryptography – anything written in a secret code or cyphers

15. SECURE SHELL
 can handle secure remote logins (ssh)
 can handle secure file copy(scp) and drive secure FTP
 Strong integrity checking via message authentication codes
 transfer a file from a computer to another
 Better security through key exchange
 Browsing the web through an encrypted proxy connection,
using the SSH server as a proxy
 Both ends authenticate themselves to the other end or all
traffic encrypted

16. SECURE SHELL
 can be considered a security risk by companies or
governments who do not trust their users
 SSH2 has inherent design flaws which make it vulnerable to manin-the-middle-attacks
Most modern servers and clients this days support SSH-2

17. SECURE SHELL
SSH authenticates through:
 Public Key Encryption(RSA or DSA)/Private Key
Each computer in the communication has two keys, a public key and a
private key. The message is encrypted using the public key, which is
available to anyone, but can only be decoded using the private key,
which is known by only the destination computer. Though the keys are
mathematically related, there is no way to figure out the private key using
the public key.
SSH uses the following ciphers for authentication:
Cipher
SSH1
SSH2
RSA
yes
yes
DSA
no
yes
Cipher are usually secret codes / hidden writing

18. SECURE SHELL
Difference between:
SSH1 - uses server and host keys to authenticate systems
SSH2 – more secure because it uses only host keys
Difference between:
DSA is generally faster in decryption but slower for encryption
RSA is less secure than DSA but authenticates faster
Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people.
Decryption is the process of converting encrypted data back into its original form, so it can be understood
RSA was named after its 3 inventors.
DSA stands for Digital Signature Algorithm

19. SECURE SHELL
 Kerberos
• Only a single login is required per session
• The concept depends on a trusted third party – using systems in
the network and is trusted by all of them
• It performs mutual authentication, where a client proves its
identity to a server and a server proves its identity to the client.
 Host-Based Auth.
Host-based authentication in SSH is used
Simple trust: the host is certified trusted, the user is trusted even no
password is provided, then the communication starts.

20. Conclusion
Telnet is one of the protocols that helps in network
communications and used to communicate with other
computers and machines in a text-based manner with
support of other programs.
Ssh will not help you with anything that compromises
your host's security in some other way.
Once an attacker has gained root access to a machine,
he can then subvert or destroy ssh, too.
If somebody malevolent has access to your home directory,
then security is nonexistent. Other forms of security or firewall
can be added in the network system

21. Summary
Using telnet to establish a connection to a host is simple, you can
interact with the remote computer directly by typing simple
commands. Normally the data transmission between client and server
is not in a secure line and to make it secure an administrator can
implement secure shell which can terminate a secure session utilizing
an encryption.
To sum it up in simple terms, Telnet protocol supports user
authentication, it does not support the transport of encrypted data
unlike the Secure Shell protocol which offers an alternate and secure
method for server access. As a best practice, network professionals
should always use SSH in place of Telnet, whenever possible.

22. ?

23. Thank You!