Telnet

Telnet consists of two components: (1) the protocol itself which specifies how two parties are to communicate and (2) the software application that provides the service.

[4][5] Telnet transmits all information including usernames and passwords in plaintext so it is not recommended for security-sensitive applications such as remote management of routers.

[16] Telnet is vulnerable to network-based cyberattacks, such as packet sniffing sensitive information including passwords and fingerprinting.

[6][17] Telnet services can also be exploited to leak information about the server (such as hostnames, IP addresses and brand) by packet sniffing the banner.

[10] In fact, Telnet is targeted by attackers more frequently than other common protocols, especially when compared to UPnP, CoAP, MQTT, AMQP and XMPP [citation needed].

The VPN software should be a trusted one that is heavily audited (e.g. OpenVPN, WireGuard, IPsec), using preferably certificate-based/public key mutual authentication.

Clients and servers designed to pass IBM 5250 data streams over Telnet generally do support SSL encryption, as SSH does not include 5250 emulation.

However, because of serious security concerns when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.

[20] The usage of Telnet for remote management has declined rapidly, especially on the public Internet, in favor of the Secure Shell (SSH) protocol.

[2][21] SSH provides much of the functionality of telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.

The Telnet client may be used in debugging network services such as SMTP, IRC, HTTP, FTP or POP3, to issue commands to a server and examine the responses.

Star Wars: Episode IV – A New Hope from 1977 has been recreated as a text art movie served through Telnet.