Ask Your Question
0

Doubled-up characters (red-blue) for telnet username but not for password on TCP stream page

asked 2018-05-29 21:07:48 +0000

jc079 gravatar image

Good day all,

Do any of you know why characters of the telnet servers login are doubled up in red and blue? For example, the username "jonathan" shows up as "jjoonnaatthhaann" in the Follow TCP stream window with the letters alternating between blue and red.

The characters of the password to the server are not duplicated however. Do you know why that is the case?

Thank you in advance for the help.

Jonathan

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by » oldest newest most voted
0

answered 2018-05-29 22:15:46 +0000

Jasper gravatar image

Red and blue are the colors for client and server, so it seems that each character sent to the server is immediately echoed back to the client (which isn't uncommon) for displaying purposes. I'm not sure why the same doesn't happen for the password, but if you check the packet contents you'd be able to tell if they get echoed too or if the password is contained in a single packet.

edit flag offensive delete link more

Comments

Thanks for your answer Jasper. I figured the user character input would be pinged back by the server hence explaining the duplication in characters, however, I am still puzzled as to why the password does not have any duplicated characters. I checked the packet contents and I could not find any pinging.

jc079 gravatar imagejc079 ( 2018-05-30 00:23:11 +0000 )edit

It's a terminal protocol, so the server has a concept of session login. In the character mode it's in, it knows that the session password is being entered, hence doesn't echo those, as they would otherwise appear in plain sight, on the terminal (or paper).

Jaap gravatar imageJaap ( 2018-05-30 05:05:42 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2018-05-29 21:07:48 +0000

Seen: 2,363 times

Last updated: May 29 '18

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2