Telnet service configuration and port redirection in windows

Telnet service configuration and port redirection in windows
First, we will briefly introduce the Terminal service. Telnet is a common remote logon and management tool for system administrators, and TCP/IP Terminal EmulationProtocol. TELNET is a terminal simulation protocol in a TCP/IP environment. It establishes a connection between the server and the client over TCP. After the connection, the TELNET server and the client enter the negotiation stage (which can be selected). Both parties can choose to support the connection operation, each connection system can negotiate new or re-negotiate old options (at any time ).
Www.2cto.com
Generally, TELNET serves as many options as possible at any end to maximize system performance. Once a TELNET connection is established, the optional requests between the two Parties will be sent back and forth as each party wants to obtain as many services as possible from the other party. In addition, these optional requests can also be used to dynamically modify connection features to adapt to changing local environments. Over the past 20 years, the current TELNET service is already a multi-function simulator. Option enables TELNET to transmit binary data, support for byte macros, simulation graphics terminals, and transfer information to support centralized terminal management. In the TELNET connection, the transmission commands are in the ASCII text format.
Www.2cto.com
Telnet data is transmitted in plain text. Attackers can easily obtain sensitive information through sniffing. Based on security considerations, we recommend that you use a more secure and encrypted SSH remote management method. In Windows 2000/XP/2003/Vista, it is integrated into the system as a standard system component for users to use. However, by default, the Telnet service is disabled. Generally, you only need to run services. msc open service management, find the Telnet service item, set its Startup type to "Manual" or "automatic", and then start the service to use it. Use the SC command line to configure system services to enable the telnet service.

Use the client to telnet the client to connect to the server. Use netstat-an to check that the Service port tlntadmn is the setting command of the telnet service. You can set the port and authentication method of the telnet service; by using tlntadmn, port 23 is redirected by default, making the Protocol safer. Use tlntadmn /? View help. Usage: tlntadmn [computer name] [common_options] start | stop | pause | continue |-s |-k |-m | config config_options
All sessions use 'all '. -s sessionid lists session information. -k sessionid: Terminate the session. -m & nsp; sessionid sends a message to the session. configure the Telnet server parameters in config. common_options:-u user specifies the user-p password user password whose creden are to be used as follows: dom = domain set the user's default domain ctrlakeymap = yes | no sets the ing timeout of the ALT key = hh: mm: ss sets the idle session timeout value timeoutactive = yes | no enables idle sessions. maxfail = attempts set the number of logon attempts that failed before disconnection. maxconn = connections sets the maximum number of connections. port = number: Set the Telnet port. sec = [+/-] NTLM [+ /-] Passwd sets the authentication authority fname = file to specify the audit file name. fsize = size specifies the maximum size (MB) of the audit file ). mode = console | stream specifies the operation mode. auditlocation = eventlog | file | specifies the location where the both record is audit = [+/-] user [+/-] fail [+/-] admin specifies how to use audit events: run the following command directly: tlntadmn config sec =-ntlm injection:; exec master. dbo. xp_cmdshell 'tlntadmn config sec =-ntlm' -- after running, ntlm authentication is removed. c: \> tlntadmn config sec =-ntlm --------------- use admin permission C: \> at 20:43/interactive "Cmd" ----------- at command to enable the system permission added a new job, its job ID = 1 C: \ WINNT \ system32> tlntadmn config sec =-ntlm to remove NTML verification another method: create an administrator user on the target host! Create a user with the same account and password as the target host on the local machine, right-click on the local machine CMD and select the running mode ~ Enter the account and password to directly Telnet the target IP address of the service, which can be used for NTML verification. modify telnet port 1 in windows 2003. Modify the telnet port method of local port 2003: c: \> tlntadmn config port = 923 (set the port to 923) 2. Modify the telnet port method c: \> tlntadmn \ 192.168.1.111 config port = 2003-u administrator-p 923. Note: \ 192.168.1.111 peer IP port = 923 to be modified to telnet port-u to specify the peer user name-p to specify the peer user password.
Test whether the connection after the port is modified is normal. If the connection is established remotely, the default telnet command is disabled in Windows 7! Manually install the telnet service. Follow these steps to enable the telnet function under windows 7. Choose "Control Panel"> "program"> "enable or disable windows; check "Telnet Server" + "Telnet client" and click OK. Use tlntadmn to configure the service