Practical purpose of this demonstration

Verificar com um analisador de pacotes de redes (um sniffer) a criptografia presente via SSH e ausente via Telnet. Justificar o uso do protocolo SSH sempre que possível ao invés do protocolo Telnet.

1. Analyzing Telnet packets

Why does everyone use SSH instead of Telnet? - SSH and Telnet are two protocols that have the same objective, that is, access a server to perform operations on that remote system. But the main difference between the two is encryption.

A simple definition for encryption is the ability to make a message unreadable and only someone with the rollback key could read the original content.

If an unencrypted message travels over a network, anyone who intercepts it can read its contents. Using a network packet analyzer, which is also known as a Sniffer, we can demonstrate this. As an example, we can use Wireshark, in Figure 1, and see network packets traveling both on an SSH connection and on a Telnet connection.

image 001
Figure 1. Wireshark app

See other alternatives to Wireshark in section Network sniffers options.

We need to check which is the server IP and make Wireshark filter IP packets addressed to this using the syntax ip.dst == Now only network packets from that Telnet connection will be displayed.

For the test we can inform the user on the telnet connection and press Enter. Then we clear the Wireshark history and we can see from here that for each key typed a network packet is sent exposing what you type.