Host-
IP: 192.168.56.129OS: RHEL5.932bitService: telnet-server
Host-B
IP: 192.168.56.128OS: RHEL5.932bitService: telnet-client
View Nic information on HostA
12345678910
#ifconfigeht0
eth0Linkencap:EthernetHWaddr
00
:0C:
29
:CC:
30
:9A
inetaddr:
192.168
.
56.129
Bcast:
192.168
.
56.255
Mask:
255.255
.
255.0
inet6addr:fe80::20c:29ff:fecc:309a/
64
Scope:Link
UPBROADCASTRUNNINGMULTICASTMTU:
1500
Metric:
1
RXpackets:
4914
errors:
0
dropped:
0
overruns:
0
frame:
0
TXpackets:
3705
errors:
0
dropped:
0
overruns:
0
carrier:
0
collisions:
0
txqueuelen:
1000
RXbytes:
2419811
(
2.3
MiB)TXbytes:
276508
(
270.0
KiB)
Interrupt:
67
Baseaddress:
0x2024
Start the telnet Service
Install wireshark packet capture tool
12
#yuminstall-ywireshark
#yuminstall-ywireshark-gnome
// Install the command line tool and the gnome graphical tool package together
Enable wireshark packet capture. To facilitate packet analysis, the Filtering Rule tcp. port = 23andip. dst = 192.168.56.129 is written.
Log on to 192.168.56.129 via telnet as the root user on the host 192.168.56.128. First, view the NIC information.
12345678910
#ifconfigeth0
eth0Linkencap:EthernetHWaddr
00
:0C:
29
:E8:F9:FE
inetaddr:
192.168
.
56.128
Bcast:
192.168
.
56.255
Mask:
255.255
.
255.0
inet6addr:fe80::20c:29ff:fee8:f9fe/
64
Scope:Link
UPBROADCASTRUNNINGMULTICASTMTU:
1500
Metric:
1
RXpackets:
3518
errors:
0
dropped:
0
overruns:
0
frame:
0
TXpackets:
4232
errors:
0
dropped:
0
overruns:
0
carrier:
0
collisions:
0
txqueuelen:
1000
RXbytes:
276736
(
270.2
KiB)TXbytes:
2356751
(
2.2
MiB)
Interrupt:
67
Baseaddress:
0x2024
Use the root user logon password as redhat. The logon is successful!
Capture packets with wireshark at 192.168.56.129
We can clearly see that the username is "root" and the password is "redhat". Therefore, telnet is a plaintext transmission protocol that is extremely insecure. We recommend sshv2.
The above operation proves the plaintext transmission password of telnet, and the Protocol does not undergo any encryption measures, so we hope to have a deep understanding. In addition, there are also plain text transmission passwords like ftp, rlogin, smtp, and pop3, but the most dangerous thing is telnet, because the user name and password of the operating system are the ones that are hijacked.