Do not use telnet without encryption

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Metadata

ID: go-security/telnet-request

Language: Go

Severity: Info

Category: Security

CWE: 319

Description

When sending telnet requests, it is important to use Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS), to ensure secure communication. Telnet protocol transmits data in plaintext, which means that any information exchanged, including sensitive data like passwords or commands, can be intercepted and read by malicious actors if the connection is not encrypted.

By utilizing SSL/TLS with telnet requests, the data transmitted is encrypted, making it significantly more difficult for unauthorized parties to intercept and read the information being exchanged.

Non-Compliant Code Examples

func main () {
    telnet.DialToAndCall("my.telnet.server:23", caller)
}

Compliant Code Examples

func main () {
    telnet.DialToAndCallTLS("my.telnet.server:992", caller)
}
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

PREVIEWING: mcretzman/DOCS-9337-add-cloud-info-byoti