Professional Documents
Culture Documents
Hacking On Telnet Explained
Hacking On Telnet Explained
Click "connect" then "remote system…". In the host name box place the host name or IP
address of the computer to which you wish to telnet. Leave the Port and Term Type boxes
alone for now.
Here is a really important point. Every day people email me complaining that some
computer won't let them telnet into it. They ask what they are doing wrong. They aren't
doing anything wrong:
·14 Maybe the computer they are trying to reach no longer exists.
·15 Maybe the computer they are trying to reach doesn't allow telnet logins. For
example, whois.internic.net no longer allows telnet logins on port 23 (the default
port). Click here to learn how to telnet into whois.internic.net on the right port for
that particular server. <../whois.shtml>
·16 Maybe a firewall is blocking them.
·17 Or maybe they make a telnet connection and the remote computer asks for a user
name and password they don't have. Then they email me asking for how to get a
login name and password that will work.
Newbie note: The owners or administrators of any Internet host computer decide who
gets user names and passwords. Believe it or not, about once a week someone emails me
asking what user name and password their own online service provider has assigned them
for a telnet login. That's why I'm telling people the obvious -- if you want to telnet into
any computer, and you don't have a user name and password, you must ask the owner,
administrator of tech support for that system for a user name and password. If they won't
give that to you, they don't want you to have it!
You can go to jail warning: If you guess the user name and password, or use a
computer breakin technique to get or create them, or if someone other than an owner
or administrator or a legitimate user on that system gives you a user name and
password, it is against the law to use them. Many computer criminals give out user
names and passwords that they obtained illegally.
More on Telnet: the Number One Hacker Tool
How to Get Telnet Accounts
OK, so you want to get legal user names and passwords so you can telnet into other
computers. Here are some of the best ways:
·18 See http://happyhacker.org/links2.shtml#shells <../links2.shtml> for organizations
that will give you free shell accounts. You can telnet into these.
·19 Ask Internet Service Providers for shell accounts. Some offer them, although
most don't.
·20 Set up a telnet server on your own computer (see instructions below). Yes, once
you are running a telnet server, you can telnet from your computer back into your
computer. Simply give the command "telnet 127.0.0.1".
·21 Make friends with people who run Internet computers with telnet servers.
Why you May Not Want to Telnet
If you love your shell account server, don't ever, ever telnet or ftp into it. I recommend
Ssh or Openssh for logging into remote computers? The telnet (and ftp) protocol is a
"clear text" transmission. That means that computer on the same LAN as either You or
your destination computer, or any computer on any LAN or network path through which
your connection passes can steal your login name, password or anything else that goes
across your connection. Ssh and OpenSsh encrypt all communications so no one can
snoop on you.
How to Install a Telnet Server on your Windows Computer
Usually you can't telnet into a Windows home computer. The reason is, they aren't
running telnet servers. Here's how to get a telnet server on your home Windows
computers so your friends and you can telnet in and play.
For Windows NT, the Options Pack includes a primitive telnet server.
For Windows 95/98/NT and 2000, you also can install shareware or commercial telnet
servers. Check out http://www.winfiles.com, or do a web search.
Of course installing a telnet server makes your computer vulnerable to all sorts of trouble
from hackers. It's your funeral, don't come crying top me if a telnet visitor destroys your
computer
More on Telnet: the Number One Hacker Tool
How to Turn off a Telnet Server on your Unix-type Computer
If you go online with Linux or other Unix-type computer, a telnet server is the easiest
way to ensure you get destroyed by a malicious hacker. Here's how to prevent this. On
most of these, the file /etc/inetd.conf launches most of your servers. Edit the file to put a
"#" in front of the line that has telnet in it and either reboot your computer or kill and
restart inetd.
If your computer doesn't use inetd to launch services, you should be able to find telnetd
under /etc/init.d.
Install ssh instead and only use that to log into your shell account.
How to Explore Computers Using Telnet
Even if a computer doesn't have a telnet server, there are lots of fun and even legal things
to do to it using telnet. The easiest thing to do is extract "banners" from a victim
computer. A banner is a message a computer will often give when you telnet to a port that
is running an Internet server of some sort.
For example, most mail sending servers use port 25. To telnet to port 25 from Win 2000
or a Unix shell, simply type:
telnet <hostname or IP address> 25
Windows 95, 98 and NT make it a tiny bit harder.