Best Practices for Administering Telnet

Applies To: Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Vista

The following best practices are proven to improve security, increase availability, ensure trouble-free operations, or ease administration when you use them to administer Telnet:

  • Use only NTLM Authentication if your clients all support it

    Using NTLM Authentication ensures that your user names and passwords are not sent over the network in plaintext. If all of your Telnet clients can support NTLM authentication, then configure them to use NTLM, and disable plaintext authentication on the Telnet server.

  • Allow users to disconnect before stopping the service

    Before you stop the Telnet Server service or uninstall it, send a message to Telnet client sessions that you are about to stop the service. You can then stop the service after the users have had the opportunity to close their sessions.

    For more information, see Send a Message to a Telnet Session.

  • Make sure that the client code page matches the code page of the UNIX terminal

    If users will be connecting to Telnet Server from computers running an internationalized version of UNIX (such as a version capable of supporting European languages), ensure that the code page used by the command shell can display extended characters properly. To set the code page for all users when they log on, edit %systemroot%\system\login.cmd to add the chcp command to set the appropriate code page. For example, to support English and Western European UNIX, add the command chcp 1252.

    For more information, see Configure the User's Session with Login.cmd.

Additional references

For additional information about the standards that define Telnet, see the following Request for Comment (RFC) documents available at the Internet Engineering Task Force Web site (

  • RFC 854: Telnet Protocol Specification

  • RFC 2839: Internet Kermit Service

  • RFC 2877: 5250 Telnet Enhancements

  • RFC 2941: Telnet Authentication Option

  • RFC 4248: The Telnet URI Scheme

  • RFC 4559: SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows

See Also


Introduction to Administering Telnet
Understanding Telnet
Using Telnet
Installing Telnet
Managing Telnet Client
Managing Telnet Server
Telnet Additional Resources