Remote Access with Telnet, SSH, and RDP (37.6.2)
Long before desktop computers with sophisticated graphical interfaces existed, people used text-based systems, which were often just display terminals physically attached to a central computer. After networks became available, people needed a way to remotely access computer systems in the same manner that they did with the directly attached terminals.
The Telnet protocol was developed to meet that need. Telnet dates back to the early 1970s and is among the oldest of the application layer protocols and services in the TCP/IP suite. Telnet provides a standard method of emulating text-based terminal devices over the data network. Both the protocol itself and the client software that implements the protocol are commonly referred to as Telnet. Telnet servers listen for client requests on TCP port 23.
A Telnet connection is called a virtual terminal (vty) session. Rather than using a physical device to connect to the server, Telnet uses software to create a virtual device that provides features of a terminal session with access to the server’s command-line interface (CLI).
In Figure 37-39, the client has remotely connected to the server via Telnet. The client is now able to execute commands as if it were locally connected to the command line of the server. Similarly, Telnet can provide access to the CLI, or console, of a networking device so that the device can be configured and monitored.
Figure 37-39 Physical Connection and Remote Connection
After a Telnet connection is established, users can perform any authorized function on the server, just as if they were using a command-line session on the server itself. If authorized, they can start and stop processes, configure the device, and even shut down the system.
Although the Telnet protocol can require a user to log in, it does not support transporting encrypted data. All data exchanged during Telnet sessions is transported as plaintext across the network. This means that the data can be easily intercepted and understood. This includes usernames and passwords.
The Secure Shell (SSH) protocol offers an alternate and secure method for server access. SSH provides the structure for secure remote login and other secure network services. It also provides stronger authentication than Telnet and supports transporting session data using encryption. SSH servers listen for client requests on TCP port 22.
As a best practice, network professionals should always use SSH in place of Telnet, if possible.
Figure 37-40 illustrates how SSH is more secure than Telnet. On the left side of the figure, the network technician is using Telnet and logs into the server using the indicated credentials. The threat actor has captured the Telnet traffic and can easily see the credentials used. On the right side of the figure, the technician is using SSH to connect to a different server. The threat actor could still capture the traffic. However, they would not be able to decipher it because SSH encrypts user traffic.
Figure 37-40 Telnet Traffic Is Unsecure and SSH Traffic Is Secure
Connecting to other devices using Telnet or SSH using a terminal window is common in some operating systems. There are also commercial software terminal emulator packages available. PuTTY is a popular free and open-source terminal emulator program. This client application supports SSH, Telnet, and rlogin. Tera Term is another free and open-source terminal emulator that includes a macro scripting language and plugins. PuTTY and Tera Term can both use the SSH protocol for connections. Both assume that an SSH server, such as the one available with OpenSSH, is running on the destination device. OpenSSH is distributed with a wide range of operating systems, including various Linux distributions, Windows, and macOS.
Remote Desktop Protocol (RDP) was created by Microsoft. It uses a client-server model in which the client can connect to an RDP server that is running on a remote system to display the graphical user interface of the remote device. RDP servers and clients are included with Windows, and are available for OS X, Linux, and Unix via xrdp, which is a free and open-source implementation of the Microsoft RDP server. Other operating systems can also perform these functions. For example, in macOS, remote access functionality is provided by the Screen Sharing feature, which is based on Virtual Network Computing (VNC). Any VNC client can connect to a Screen Sharing server. VNC is a freeware product that is similar in functionality to RDP and works over port 5900.
Video Demonstration—Remote Desktop and Remote Assistance (37.6.3)
Other operating systems can also perform these functions. For example, in macOS, remote access functionality is provided by the Screen Sharing feature, which is based on Virtual Network Computing (VNC). Any VNC client can connect to a Screen Sharing server. VNC is a freeware product that is similar in functionality to RDP and works over port 5900.
Refer to the online course to view this video.