Network Tools

When you have the network up and running, you need to take advantage of it and start using it. Any administrator will realize that sitting in front of a machine to administer it is laborious and time-consuming. Network tools such as Telnet and SSH provide a means to log into a Linux machine, creating a virtual terminal for you to work at.

Telnet is a protocol that has been around for a very long time and is now considered quite antiquated and insecure, as all transmissions via Telnet are in plain text. Because of this, most modern distributions disable the Telnet server out of the box. By default, you will be able to SSH into a server (discussed later in the chapter).

It does not take a genius to "sniff" traffic on a network, and anything that is sent over the network in plain text can be found using freely available network monitoring tools. Telnet itself has no concept of encryption, so your username and, more importantly, your password are sent over the network in plain text. Imagine Telnetting into a machine over the Internet: a malicious user on any of the routers and networks your packets have to traverse could be sniffing traffic for data. As soon as they see you connecting to a machine via Telnet and have your password, they can log into that machine and assume your identity.

Telnet is still in use today as its implementations are still widespread. SUSE does include a Telnet server and client, but the server is not enabled by default.

The SSH server and client are installed by default and are enabled out of the box. This forces you to use SSH for your terminal emulation if you do not install the Telnet services.

The SSH protocol is an encrypted virtual terminal and so much more. SSH connects to the server and initiates an encrypted connection. It then negotiates a login using a username and password, all encrypted. This stops the "man in the middle" attack described in the note below from taking place, as the encrypted link has been set up before any user data is sent.

Note: A man-in-the-middle attack takes place when a malicious user intercepts network packets on your network and views their contents. In the example of Telnet, your passwords can easily be found by a malicious user who intercepts your network packets and analyzes them during the initialization of a Telnet session.

Not only can you set up a connection with a username and password, but you can also create a public and private key pair that authenticates you instead of a password. The great thing about using public/private keys is that unless you have physical access to the key, you will be unable to log into the server, regardless of whether you know the password of a user.
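
The key-only guarantee described above holds only while the SSH server refuses password-style logins. The following shell check is an added example, not taken from the original text: it reads an sshd_config and reports whether key-only login is actually enforced. It assumes upstream OpenSSH defaults and parsing rules, skips Include files and Match blocks, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: does this sshd_config really enforce key-only login?
# Assumes upstream OpenSSH parsing: the first value seen for a keyword wins,
# keywords are case-insensitive, unset options use the defaults passed in.
# Include files and Match blocks are not evaluated.

# effective_value "key|alias" DEFAULT  (config on stdin) -> global value in use
effective_value() {
    awk -v keys="|$1|" -v val="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        tolower($1) == "match" { exit }          # global section ends here
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)        # "Key value" or "Key=value"
            if (n >= 2 && index(tolower(keys), "|" tolower(f[1]) "|")) {
                val = tolower(f[2]); exit        # first match wins
            }
        }
        END { print val }
    '
}

# key_only_login (config on stdin) -> exit status 0 only if public keys are
# accepted and both password-style methods are switched off
key_only_login() {
    cfg=$(cat)
    pubkey=$(printf '%s\n' "$cfg" | effective_value pubkeyauthentication yes)
    passwd=$(printf '%s\n' "$cfg" | effective_value passwordauthentication yes)
    kbd=$(printf '%s\n' "$cfg" | effective_value \
        'kbdinteractiveauthentication|challengeresponseauthentication' yes)
    echo "pubkey=$pubkey password=$passwd kbd-interactive=$kbd"
    [ "$pubkey" = yes ] && [ "$passwd" = no ] && [ "$kbd" = no ]
}

# Constructed sample: keys were set up, but the line that turns passwords off
# is still commented out, so the default (yes) applies.
if key_only_login <<'EOF'
# constructed sshd_config fragment
PubkeyAuthentication yes
#PasswordAuthentication no
EOF
then echo "key-only login enforced"
else echo "a known password is still enough to log in"
fi
```

On a live server, running `sshd -T` as root prints the effective configuration with Include files resolved, and its output can be piped into `key_only_login`.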
