• NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 month ago

      Telnet is basically the predecessor to SSH for terminal-over-network communications:

      It is a protocol for bidirectional 8-bit communications. Its main goal was to connect terminal devices and terminal-oriented processes.

      At this point, it is archaic network technology:

      Telnet was originally developed for ARPANET in 1969.

      It was developed in a time when only very specific organizations with lots of funding had access to computer networking. The Mother of All Demos had happened only the year prior. The first version of the Internet Protocol used today would not come until 1973.

      There was no concern that unauthorized parties might eavesdrop on the communications between networked computers. Also, at this time there were no functional computer networks that extended beyond local sites. The first ARPANET nodes would not start communicating with each other until 1970:

      The first four nodes were designated as a testbed for developing and debugging the 1822 protocol, which was a major undertaking. While they were connected electronically in 1969, network applications were not possible until the Network Control Program was implemented in 1970 enabling the first two host-host protocols, remote login (Telnet) and file transfer (FTP) which were specified and implemented between 1969 and 1973.

      So basically, everyone who could possibly access your computer network would have to be on site, and probably in the room with the (very classified) government research computers. At this point you could count the number of people who really understood computer networking technology (globally) on your fingers and toes. Cybersecurity wasn’t a thing that anyone was worrying about yet.

      All of the security features that have been added to Telnet are afterthoughts, bolted on to the original system. It was never designed for the public Internet that we have today. And yet… there is still legacy technology out there that uses Telnet for remote access and administration, some of it in critical infrastructure like power grids and water systems.