Introduction to web security telent testing and defense

telnet brief introduction ：

Telnet Agreement is Internet The standard protocol and main way of remote login service . Use on the end user's computer telnet Program , Use it to connect to the server . To start a telnet conversation , You must enter a user name and password to log in to the server .Telnet It's a common remote control Web Server method .

telnet It is often used to test network and port occupancy .

Safe hidden trouble

Telnet Is a clear text transfer protocol , It will all the content of the user , Including user name and password are transmitted in clear text on the Internet , It has certain potential safety hazards .

majority Telnet The default method of the program is ： One character at a time , The client sends each character entered by the user to the server separately , Server echo character to client .

Defensive skills

The administrator sets the user name and password that are easy to guess （ Weak password ）, Then the server is easy for hackers to use the corresponding password tools to violently explode weak passwords .

1、 Discontinue use telnet Services and ports

2、 Use the honeypot to open telnet service

3、 Replace with ssh Protocol login

Message analysis

Use kali In the system hydra Blasting

Make a user name dictionary

Make account information

Have in hand

Successful login system information .