• The most commonly used Telnet commands. Telnet port - what is it? Connecting and starting Telnet

    Progress is a phenomenon that knows no stops. In the area information technology changes occur every day: new products appear, outdated services become a thing of the past. But there are tools that are still popular despite the emergence of an alternative. A prime example is the Telnet protocol. What is Telnet and how to use it?

    A little history: when and why did Telnet appear?

    Telnet appeared more than 40 years ago, shortly after the installation of the first ARPANET server. This is one of the oldest protocols on the Internet. In an era when there was no trace of it, but the first networks had already appeared, the need for remote connection dictated its own requirements for devices. The first solution to the problem that appeared, like all subsequent ones, allowed you to work on a remote device as if it were your own. All supported functionality has become available in the interface. You just need to get the required access level and know the Telnet commands. We figured out what this protocol is and why we need it. But how is Telnet connection implemented today?

    Launch the terminal. Enable required services

    In modern operating systems Windows family, before starting Telnet, you need to check whether this component is installed on the system. This is not difficult to do. For Windows 7, the most common operating system today, you need to perform the following sequence of actions:

    1. Select "Control Panel" or Control Panel from the Start menu.
    2. In the window that opens, select “Programs”. In the English version of the system this will be Programs.
    3. Go to the "Enable or disable" tab Windows components" (Turn Windows features on or off). The system compiles a list of all available components. Those already installed will be marked with checkboxes. This process may take several minutes.
    4. After the list is loaded, you need to find the Telnet client item. There is also a Telnet server in the menu, but we will return to this a little later. If there is no checkmark next to the item we need, it needs to be checked.
    5. After clicking the "OK" button, the system will begin installing the necessary components for proper operation protocol. This may take some time, but modern computers the process is unlikely to take more than a minute. Thus, the question of how to enable Telnet was resolved in 5 simple steps.

    Telnet service: and Telnet client?

    Both concepts from the title have already been mentioned a little higher. Like many other applications, Telnet has a client side and a server side. However, a Telnet server is not necessarily a server in the general sense of the word. The computer from which the connection is made is considered to be a client, the device to which the connection is made this connection, will be the server. This could be a router, a computer, or any other host that supports command line control. If we are talking about remote administration of a personal user computer or server, the Telnet port must be open. It is often closed for security reasons, so when you try to establish a session, an error message will appear. To check open and closed ports you can use special utility or web service. The standard Telnet port is 23. If you want to not only connect to other computers yourself, but also allow administration of your PC via Telnet, then in the same operating system snap-in you need to check the box next to the Telnet server component. The PCs and server hardware that you administer should be configured in the same way.

    Programs for working with Telnet

    After starting all the necessary Telnet services, you can safely start working using the built-in Windows tool- command line. It is called up from the Start menu, either by clicking on the corresponding item, or speed dial(cmd). It is advisable to always run the command line with “Administrator” user rights (either local, the device on which you are working, or domain). This way, you won't have to restart the application if elevation is required. In addition to the available tool of the operating system itself, there are also third party programs, allowing access via the Telnet protocol. The most popular of them is Putty. Along with it, other applications running under different operating systems are also popular, such as TeraTerm, AnyConnect, DTelnet, EasyTerm, KoalaTerm and many others. Which program to use, everyone decides for themselves, depending on personal preferences, interface requirements, etc. There are no significant differences in terms of functionality between them, and there cannot be. Each of the utilities implements all available list Telnet commands.

    Telnet commands: how to figure it out?

    It will not be difficult for an experienced person to install in a matter of minutes necessary components(if they have not been installed previously), open a Telnet session and perform all the configuration of the remote host. However, there are also newcomers who see the console almost for the first time in their lives. How to find out the list of available commands in Telnet? What is WONT AUTH or SET LOCALECHO? Everything is not as difficult as it seems at first. Firstly, we must always remember that in any command interface there is built-in help. It can be accessed using standard keys, for example, help or “?”. Secondly, given how old the Internet is, you can find an endless number of resources with useful information by syntax. Thus, there is absolutely nothing to worry about. And practice shows that using several lines of commands the result is much easier to achieve in most cases. And after just a few sessions, you will confidently type the necessary commands without resorting to the syntax assistant.

    Telnet on network devices

    We have already said that using the Telnet protocol you can manage not only computers, but also a wide variety of network devices. The most common class of such devices is routers. So what is Telnet in a router, what is it for, how to enable it?

    Depending on the manufacturer and specific model There are different ways to enable Telnet access. You can log into the router via the web interface or through the console. In the first case, you will need to find the item remote administration, where one or another type of connection is allowed (Telnet, ssh). In the second case, access can be granted via the command line. Each administrator chooses a scenario that is convenient for themselves. However, there are routers that implement only one of the two possible options During the initial connection, for example, only the web interface is available. An administrator who is accustomed to working with the console will find it rather uncomfortable to look for the item where he needs to put the coveted checkbox, but in reality there is nothing complicated about it. The interface of most modern routers is quite clear. The names of the menu items speak for themselves; the minimalist design will not allow you to get confused.

    Advantages of Telnet sessions

    At this point, we've become familiar enough with the technology to talk about the pros and cons of Telnet. No matter how successful the product is, it cannot be said that it is absolutely devoid of disadvantages. And if we are talking about a service that was released at the very beginning of the 70s of the last century, you should not forget about this fact.

    Among the obvious advantages, it is necessary to note the simplicity, speed and convenience of the protocol. In less than a minute convenient client will contact the server TCP port of your choice and create a local terminal emulation. Above we talked about the standard 23 working port. In fact, you can “listen” and “talk” via Telnet on any port. This is where the flexibility of the protocol lies.

    Compared to other remote administration protocols, Telnet is less processor intensive. With the current pace of development, this plus may seem insignificant, but only at first glance. Along with the development of technology, companies producing software. Applications are becoming more and more cumbersome, requiring everything more space on your hard drive, more RAM, more powerful processors. A utility that, compared to other installed software, will consume a small amount of system resources, will come in handy.

    Disadvantages of the Telnet protocol

    The main and often cited disadvantage of Telnet is that access to a remote device is carried out over an unencrypted communication channel. The only barrier for an attacker is user authentication at the time of opening a Telnet session, that is, the requirement for a login and password. However, this data is also transmitted unencrypted. Therefore, if someone sets out to hack Telnet access, he only needs to briefly run a packet sniffer (software for “catching” packets). After some time, the administrator will open his Telnet session and provide the remote server with a login and password, which will be immediately intercepted by the attacker in clear text. In this context, an alternative to Telnet is SSH (secure connection). Therefore, it is not recommended to use Telnet on widely available networks, such as outside your secure office LAN. In addition, you should remember that the connection to the server may be interrupted.

    Conclusion. To use or not?

    Of course, other methods of remote administration have emerged over more than four decades. SSH is very popular. It would seem that Telnet should have disappeared a long time ago. But it is still in demand and is still used. If you follow certain safety principles, keeping in mind that your local network must be reliably protected from outside penetration, using Telnet will not harm your equipment. If you neglect security, neither SSH nor any other technology will save you.

    Telnet is still used in such areas as connecting to databases, checking availability network devices(routers and switches), server equipment etc.

    Remote terminal emulation. Remote access to network resources

    Telnet is one of the oldest information technologies on the Internet. It is one of the standards, of which there are three dozen to one and a half thousand recommended official materials on the network, called RFC (Request For Comments).

    Telnet is understood as a triad consisting of:

    • telnet user interface;
    • telnetd-process;
    • TELNET protocol.

    This triad provides a description and implementation of a network terminal for accessing resources on a remote computer.

    There are currently enough large number programs - from Kermit to various kinds of BBS (Belluten Board System), which allow you to work in remote terminal mode, but none of them can compare with telnet in terms of the degree of elaboration of details and implementation concept. In order to appreciate this, you should start getting acquainted with telnet with the protocol.

    Telnet protocol

    Telnet as a protocol is described in RFC-854 (May, 1983). Its authors J. Postel and J. Reynolds, in the introduction to the document, defined the purpose of telnet as follows:

    "The purpose of the TELNET protocol is to provide general description, as far as possible, bidirectional, eight-bit communication, the main purpose of which is to provide standard method interaction between a terminal device and a terminal-oriented process. Moreover, this protocol can also be used to organize “terminal-to-terminal” (communication) and “process-to-process” (distributed computing) interactions.”

    Telnet is built as an application protocol on top of the TCP transport protocol. Telnet is based on three fundamental ideas:

    • network virtual terminal concept ( Network Virtual Terminal) or NVT;
    • the principle of contractual options (coordination of interaction parameters);
    • symmetry of the terminal-process connection.

    When establishing a telnet connection, a program that works with a real terminal device and the process of servicing this program use the specification for representing the rules of operation of the terminal device or the Network Virtual Terminal to exchange information. For brevity, we will refer to this specification as NVT. NVT is standard description the most widely used capabilities of real physical terminal devices. NVT allows you to describe and convert methods for displaying and entering information into a standard form. The terminal program ("user") and the process ("server") working with it transform the characteristics physical devices into the NVT specification, which allows, on the one hand, to unify the characteristics of physical devices, and on the other, to ensure the principle of compatibility of devices with different capabilities. Dialogue characteristics are dictated by the less capable device.

    If the interaction is carried out according to the "terminal-to-terminal" or "process-to-process" principle, then "user" is the party initiating the connection, and "server" is the passive party.

    The principle of contractual options or commands allows us to agree on the possibilities of presenting information on terminal devices. NVT is the minimum required set of parameters that allows even the most antediluvian devices to work via telnet, real modern devices have much greater capabilities for presenting information. The principle of contractual teams allows you to use these opportunities. For example, NVT is a terminal that cannot use cursor control functions, but the real terminal from which the work is carried out can do so. Using contract commands, the terminal program prompts the service process to use Esc sequences to control the output of information. Having received such a command, the process begins to insert control sequences into the data intended for display.

    The symmetry of interaction via the telnet protocol allows the “user” program and the “server” program to change places during one session. This fundamentally distinguishes interaction within telnet from the traditional client-server scheme. Symmetry of interaction is closely related to the process of agreeing on the form of data exchange between participants in a telnet connection. When it comes to working on a remote machine in terminal mode, the capabilities of entering and displaying information are determined only by a specific physical terminal, and the contractual process comes down to ordering the terminal program’s characteristics of this terminal. The situation is much more complicated when it comes to exchanging information between two terminal programs in the “terminal-to-terminal” mode. In this case, each of the parties can initiate a change in the principles of information presentation, and here another feature of the telnet protocol is manifested. The protocol does not use the "request-acknowledge" principle, but applies the "direct action" principle. This means that if the terminal program wants to expand the possibilities of presenting information, then it does so (for example, inserts into information flow Esc sequences), if in response it receives information in a new representation, then this means that the attempt was successful, otherwise it returns to the NVT standard.

    Typically, the process of agreeing on forms for presenting information occurs at the initial moment of organizing a telnet connection. Each process tries to set the maximum possible session parameters. However, these parameters can also be changed later in the interaction process (for example, after starting the application program).

    On Unix systems, terminal parameters are usually described in the termcap terminal description database. When initiating a telnet connection, it is usually these parameters that are used in the process of agreeing on the form of data presentation. In this case, the value of the TERM environment variable is usually transferred from one system to another. If there are identical descriptions in termcap for this value of the TERM variable, then there are usually no problems with presenting the information; if the terminal ordered in TERM is not defined, then the standard system terminal is taken. However, not all functions of this terminal will be used. Only those that are supported at both ends of the connection will remain in the contract process. You can often encounter a situation where the values ​​of the TERM variables on the local and remote machines are the same, and the information on the screen is not displayed as desired. This is most likely caused by differences in the description of this device in the termcap database.

    Network Virtual Terminal (NVT). The concept of a network virtual terminal allows you to provide access to the resources of a remote machine from any terminal device. A terminal device refers to any combination of physical devices that allow information to be entered and displayed. For those familiar with the EC series universal machines, this definition of a terminal is not new: at the time the system booted, it was possible to designate a composite console, which could include a punched card input device and an alphanumeric printing unit (ADP). In earlier computing systems, such terminals could be a system print and a punched tape reader (as on MINSK-22) or a teletype (as on the M-6000). It is clear that behind this concept of a terminal is the requirement for system stability, which was fundamental to the ARPA project.

    The TELNET protocol defines NVT as "a bidirectional character device consisting of a printer and a keyboard." The printer is designed to display information coming over the network, and the keyboard is designed to enter data transmitted over the network and, if the “echo” mode is enabled, output it to the printer. By default, it is assumed that 7-bit US ASCII is used for information exchange, with each character encoded into an 8-bit field. Any character conversion is an extension of the NVT standard.

    NVT is assumed to be a buffered device. This means that data entered from the keyboard is not sent immediately over the network, but is collected in packets that are sent either when the buffer is full or by a special command. Such an organization of NVT is intended, on the one hand, to minimize network traffic, and on the other hand, ensure compatibility with real buffered terminals. For example, such are the EC-7920 terminals, due to which it was possible to lose an entire screen of information if the machine froze.

    When printing on the NVT printer is finished or there are no characters in the keyboard buffer, a special GA (Go Ahead) command must be sent over the network. The meaning of this command is as follows: in real computers, the terminal-process line is controlled by either a terminal program (data input) or a printing program. After performing their function, each of them returns control and releases the line. This typically occurs with half-duplex devices such as the IBM-2741. In order for the protocol to work with these devices, the GA signal was introduced.

    Let us dwell in more detail on the concepts of printer and keyboard in the NVT concept.

    The printer has unlimited page width and length and can display all US ASCII characters (codes 32 - 127), extended character set (codes 128 - 255), and also recognizes control codes (0 - 31 and 127). Some of them have special meanings (Table 3.1).

    The keyboard has the ability to enter all US ASCII characters. In addition, the keyboard can generate special standard terminal control functions. The telnet standard defines five standard terminal management functions. Generally speaking, these functions can either be present on the real terminal, in which case they must be represented in standard command form, or absent, in which case they must be replaced by the NO (No-Operation) command.

    "Abort process" command(Interrupt Process - IP). This command implements a mechanism that is standard for many systems for interrupting the process of executing a user task (Cntrl+C on Unix systems or Cntrl+Break on MS-DOS). It should be noted that the IP command can be used by other protocols as well. application level which can use telnet.

    Command "Abort issuing process"(Abort Output - AO). Many systems allow you to stop the process that displays information on the screen. Here you should understand the difference between this command and IP. When executing IP, the current user process is interrupted, but the output buffer is not cleared, i.e. the process can be stopped and the output buffer will continue to be sent to the screen. This usually happens when communicating over slow communication lines. Users personal computers are well aware of this feature of buffered devices when problems arise with stopping printing: the user has already interrupted printing and cleared the print buffer on the computer using the print /t command, and laser printer continues to wear out the paper sheet after sheet. This is a typical example of an ill-considered approach to the process of managing a terminal device, which is typical for MS-DOS developers. In order to avoid such an incident, the AO team exists. In fact, any user of a slow telephone communication channel can check it - to do this, you can run the more command to view large file, then use the Cntrl+C command to interrupt it - the output of information to the screen will continue, and after that issue the AO command from the telnet command line, which will interrupt the output.

    Command "Are you still here?"(Are You There - AYT). The purpose of this command is to enable the user to make sure that while working on slow lines he has not lost connection with the remote machine. Due to input and output buffering, it may be that the user can enter data, but communication with the remote machine is already lost. In a standard situation, this fact will be detected only after pressing the "Enter" key. Telnet makes it possible to make sure that there is a connection at any time.

    Delete Symbol Command(Erase Character - EC). Many systems provide the ability to edit the command line by entering so-called backspace characters or by deleting the last character typed on the display device. In any case, the last character entered into the buffer is deleted. The EC team aims to standardize the implementation of this mechanism.

    Delete Row Command(Erase Line - EL). This command is similar to EC, but deletes an entire line of input. Typically, executing this command will clear the input buffer because When working in command line mode, there is only one input line.

    Synchronization. On local systems, process synchronization is usually implemented through an interrupt mechanism or, as in Unix, a signal mechanism. This means that the system has the ability to intervene in the data processing process at almost any time. In the context of interaction between a data processing program and a terminal program, this means the ability to interrupt the processing program or clear one of the buffers with or without displaying information from it. It is this type of interaction that the IP and AO commands refer to. However, this is not as easy to do on a network as in a local computing environment. When data is transferred between machines, it is buffered and the exchange occurs in packets. If the "Abort Process" command were simply inserted into a sequence of characters in a packet, it would lead to a lag effect, i.e. after the user enters the command “abort the process”, and the process will continue to execute until it reaches the IP command identifier in the received packet. The result is wasted time. Therefore, the telnet synchronization mechanism consists of using special form TCP (TCP Urgent notification) packet and DATA MARK (DM) command. A special form of TCP packet is used to change the packet processing procedure. Typically, a packet is processed starting from the first character of the packet sequentially. In the case of a special packet form, “interesting” signals are first searched for, and only then the packet is processed according to a standard scenario. The DM command usually closes the packet and indicates the end special processing. If the TCP packet contains special characters to DM, the special processing order is canceled and DM is treated as a No-Operation (NO) command. If no special characters are found, the packet special processing sequence continues. In this sense, the interesting signals or symbols are the standard telnet commands IP, AO, AYT or other commands that require immediate execution.

    Telnet can be used as a command in the operating room Windows system. In fact, it is not only an executable service, but also network protocol or even a firmware that, using a text field, allows the user to “communicate” with a remote computer, sending the system a command to perform a particular action, as well as receiving a log of its execution.

    The name of the protocol stands for Terminal network, which literally means terminal network.

    What is Terminal network

    Using the telnet command, despite its low functionality, you can perform quite a lot of tasks, such as:

    • checking the connection to the server using an open port;
    • connection to remote devices(modem, router or switch) to transmit a command (reboot, shutdown or receive logs);
    • firmware update network equipment or mobile phone;
    • file transfer.

    Many people believe that this connection works, as do most network services, based on the client-server principle. However, this is not true. telnet is a completely two-way service with the same functionality and access levels.

    Interestingly, the program itself includes minimum set functions, which contains only the connection option and the authentication process (verifying the authenticity of the username and password that is allowed access). All other options, both command and system, are called by the connected applications.

    How to work with the shell?

    To use the telnet command's functionality, you must use the command line. In the seventh Windows versions and above, the service is disabled by default and does not start automatically when the command is called. Therefore, you need to follow these steps to enable telnet:


    How to manage the service?

    Once you enter the Windows Terminal Management service, you need to know a few commands to be able to manage it. There are the following options for obtaining a list of control keys:


    If you are familiar with the options, you can immediately connect to the right resource indicating the required data. In this case, the server for the connection is “smatp.ya.ru” and the port is “25”.

    Result:

    The telnet command is very easy to use and quite convenient. However, the technology of its operation does not provide for safety at all. The shell runs under Windows in a completely unprotected mode and without encryption. Therefore, instead of this function, ssh has been used for quite some time.

    According to the principle of organizing the connection, they are almost the same. But the ssh protocol was developed taking into account possible security technologies. In some cases more simple way connection is quite sufficient, for example, when you need to connect to equipment in order to download new firmware or restore the old one, as well as to change the system configuration.

    Using the telnet command makes it possible to establish a communication channel with computers at a distance.

    And the utility itself is almost a kind of browser emulator in the terminal, supporting several network protocols.

    Previously, telnet was often used to control PCs from operating system"Linux".

    And now, using the same utility, they test the network, check ports, manage routers and other IoT devices.

    Content:

    Features of the utility

    Although the main purpose of telnet is to create connections between distant friend from a friend PC using the same protocol, using the utility you can manage other services.

    For example, access POP3, HTTP, IRC or SMTP.

    After all, these and some other services operate on the basis of transport TCP protocol, to work with which you can use a telnet client.

    Telnet command syntax when connecting to to a remote computer looks like this: $ telnet (options) (host) (port).

    The host is the domain of the computer to which the connection is made. Port – port on the computer from which access is being made. And the options could be as follows:

    • -4 and -6 enforce the use of ipv4 and ipv6 addresses, respectively;
    • -8 makes it possible to use 8-bit encoding;
    • -E disables support for escape sequences;
    • -a automatically registers the user on the remote system;
    • -d enables debugging mode;
    • -p enables rlogin emulation;
    • -e sets the initial escape character;
    • -l authorizes the user in the system.

    After a connection to the remote host is established, the telnet utility begins working in one of two modes - line by line or character by character.

    The first option is the most preferable due to the ability to edit the text directly and send it only after the user has completely typed in all the information.

    The disadvantage of this line-by-line mode is the lack of support for it by some services. While character-by-character can be used in any case.

    However, when using it, all information is sent instantly.

    And if the user makes a mistake, it will be impossible to correct it - after all, even spaces and Backspace are sent to the server in the form of characters.

    You should know: When using the telnet protocol, there is no possibility of encrypting information transfer. All data is sent directly and can be intercepted by an unauthorized user. And it is not recommended to transmit them in this way - it is advisable to use the secure Secure Shell network protocol for this.

    Basic Commands

    When working with the telnet protocol, the user enters the appropriate commands into the console. The most popular include the following:

    • OPEN (PC name) (port). Allows you to communicate with the computer whose name is specified in the command. If you do not specify a port, the utility will try to use the default number. Sometimes it is indicated instead of the PC name;
    • DISPLAY (argument). Command to display a full or partial set of telnet utility parameters;
    • CLOSE. Designed to close the telnet session and return the system to command mode;
    • QUIT. Command to end all open connections and exit telnet;

    Rice. 2. Using the Quit command in the MS Telnet client.

    • MODE TYPE. Used to control one of two input mode options (character-by-character or line-by-line). In this case, a request is sent to the remote computer to switch to specific mode, and, if supported by the service, appropriate switching is provided;
    • STATUS. A command that displays the current utility status, name and exchange mode;
    • ? (team). Reports information about the corresponding command sequence. It is needed in cases where the user is going to use a command that is unfamiliar to him;
    • ! (team). Executes a command sequence on local system;
    • SEND ARGUMENTS. Sends character arguments to the remote PC;
    • ESCAPE. Sends one of the escape characters such as comma, bracket, or caret (^);
    • SYNCH. Serves to send a synch sequence that allows you to cancel all commands typed but not yet sent. Used only in line-by-line mode;
    • BRK. Sending a break sequence when the Break key is pressed.

    All of these commands are basic, although their total number is much larger. However, due to the rather rare use of this utility, the easiest way to find a complete list of them is by entering HELP in the terminal.

    Ah, after displaying full list, get background information about each command sequence using the "?" command.

    Although, for example, for telnet client V Windows list may be shortened.

    Rice. 3. List of telnet commands in the Microsoft client.

    Read more: