How to Use Telnet: Command Guide for Network Testing (2026)

What Is Telnet and Why Learn It

Telnet (Teletype Network) is a network protocol developed in the late 1960s that allows users to communicate with remote systems over TCP/IP connections. Formally defined in RFC 854, it operates on a client-server model, establishing a virtual terminal session between your machine and a target host. By default, telnet uses port 23, but its real power comes from connecting to any TCP port for testing purposes.

Originally designed for remote administration, telnet enabled system administrators to manage servers before graphical interfaces existed. Today, its primary use has shifted from remote access to network diagnostics because it transmits data in plain text without encryption.

Understanding how ports work is essential for effective telnet usage. If you need a refresher, our guide on network ports explains port numbers and their role in network communication.

Key uses for telnet in modern networking include:

• Testing whether a specific port is open and accepting connections
• Debugging mail servers by manually sending SMTP commands
• Verifying web server responses by sending raw HTTP requests
• Checking if firewalls are blocking specific services
• Troubleshooting database connectivity issues
• Testing banner grabbing during security assessments

Despite being replaced by SSH for secure remote access, telnet's simplicity makes it the fastest way to verify basic TCP connectivity. When you need to know if a service is listening on a port, telnet provides an immediate answer.

Enabling Telnet on Windows

Windows does not enable the telnet client by default. Microsoft disabled it starting with Windows Vista due to security concerns, but you can easily enable it through Windows Features or PowerShell. The Microsoft documentation covers additional options for Windows Server environments.

Method 1: Windows Features GUI

Follow these steps to enable telnet through the graphical interface:

1. Press Win + R to open the Run dialog
2. Type optionalfeatures and press Enter
3. In the Windows Features window, scroll down to find "Telnet Client"
4. Check the box next to Telnet Client
5. Click OK and wait for Windows to install the feature

Installation typically completes within a minute. No restart is required.

Windows 11 Installation via Settings

Windows 11 provides an updated path through the Settings app:

1. Open Settings (Win + I)
2. Navigate to System > Optional features
3. Click "View features" next to "Add an optional feature"
4. Search for "Telnet Client" in the search box
5. Check the box and click "Next," then "Install"

The installation progress appears in the Optional features list. Once complete, open a new Terminal or Command Prompt window to use telnet.

Method 2: PowerShell (Administrator)

For a faster approach, open PowerShell as Administrator and run:

Enable-WindowsOptionalFeature -Online -FeatureName "TelnetClient"

This command enables telnet silently without opening any additional windows.

Method 3: Command Prompt (Administrator)

Alternatively, use the DISM command in an elevated Command Prompt:

dism /online /Enable-Feature /FeatureName:TelnetClient

Verifying Installation

Open a new Command Prompt and type telnet. If installation succeeded, you will see the Microsoft Telnet prompt:

Microsoft Telnet>

Type quit to exit the telnet prompt and return to the command line.

Installing Telnet on Linux

Most modern Linux distributions do not include telnet by default, but installation requires just one command depending on your distribution.

Debian and Ubuntu

sudo apt update && sudo apt install telnet

CentOS, RHEL, and Fedora

sudo dnf install telnet

On older CentOS versions using yum:

sudo yum install telnet

Arch Linux

sudo pacman -S inetutils

Verifying Installation

Check that telnet is available:

which telnet

This should return /usr/bin/telnet or a similar path. You can also run telnet without arguments to enter the interactive prompt.

Installing Telnet on macOS

Apple removed the telnet client from macOS starting with High Sierra (10.13). Modern Macs require installing telnet through a package manager or using built-in alternatives.

Method 1: Homebrew Installation

The easiest way to install telnet on macOS is through Homebrew. If you do not have Homebrew installed, run:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Then install telnet:

brew install telnet

Method 2: Using Netcat as an Alternative

macOS includes netcat (nc) by default, which handles most telnet tasks. To test port connectivity:

nc -vz hostname port

For example, testing a web server:

nc -vz example.com 80

The -v flag enables verbose output, and -z scans without sending data. For interactive sessions where you need to send commands (like SMTP debugging), omit the -z flag:

nc example.com 25

Verifying Installation

After installing via Homebrew, verify telnet works:

telnet --version

Or simply test a connection:

telnet example.com 80

How to Use Telnet: Basic Syntax and Connection

The basic telnet command follows a simple pattern:

telnet [hostname or IP] [port]

If you omit the port number, telnet defaults to port 23. For most modern uses, you will specify the port explicitly to test specific services.

Connecting to a Host

To test connectivity to a web server on port 80:

telnet example.com 80

A successful connection displays:

Trying 93.184.216.34...
Connected to example.com.
Escape character is '^]'.

The "Connected" message confirms the port is open and accepting connections. The escape character hint (^]) tells you how to access the telnet command mode: press Ctrl + ].

Connection Failures

If the connection fails, you might see:

Trying 192.168.1.100...
telnet: Unable to connect to remote host: Connection refused

This indicates either the service is not running on that port, or a firewall is blocking the connection. A timeout message suggests the host is unreachable or the port is filtered.

Exiting a Telnet Session

To close a telnet connection:

1. Press Ctrl + ] to enter command mode
2. Type quit and press Enter

Alternatively, if the remote service supports it, type the appropriate quit command for that protocol (like QUIT for SMTP or exit for some services).

Testing Open Ports with Telnet

One of the most common uses for telnet is verifying whether a port is open on a remote system. This simple test answers the question: "Is this service running and accessible?"

Common Ports to Test

Here are frequently tested ports and their services:

• Port 22: SSH server
• Port 25: SMTP (email sending)
• Port 80: HTTP web server
• Port 443: HTTPS web server
• Port 3306: MySQL database
• Port 5432: PostgreSQL database
• Port 6379: Redis
• Port 27017: MongoDB

Testing a Web Server

telnet webserver.example.com 80

If you receive a connection, the web server is running. You can even send a basic HTTP request:

GET / HTTP/1.1
Host: webserver.example.com

Press Enter twice after the Host line to send the request. The server responds with HTTP headers and page content.

Testing a Database Port

telnet database.internal 3306

A MySQL server typically sends a greeting containing version information when you connect. If you cannot connect, verify the database is running and allows remote connections.

More Telnet Examples

Here are practical telnet command examples for common services:

Testing Redis connectivity:

telnet redis.internal 6379

Once connected, type PING and press Enter. A working Redis server responds with +PONG.

Testing MongoDB:

telnet mongodb.internal 27017

MongoDB accepts the connection but does not display a greeting. A successful connection message confirms the service is running.

Testing SSH availability:

telnet server.example.com 22

An SSH server responds with its version banner, such as SSH-2.0-OpenSSH_8.9.

Quick Reference: Telnet Commands

Command	Purpose
telnet host 80	Test HTTP web server
telnet host 443	Test HTTPS port (connection only)
telnet host 25	Test SMTP mail server
telnet host 22	Test SSH server availability
telnet host 3306	Test MySQL database
telnet host 5432	Test PostgreSQL database
telnet host 6379	Test Redis server

Interpreting Results

Response	Meaning
Connected to...	Port is open and service is listening
Connection refused	Host reachable but port is closed
Connection timed out	Host unreachable or port filtered by firewall
Name resolution failure	DNS cannot resolve the hostname

For comprehensive port scanning, tools like Nmap provide more features. Check our Nmap cheat sheet for detailed scanning techniques.

Using Telnet to Debug SMTP Servers

Telnet excels at troubleshooting email delivery issues. By connecting directly to an SMTP server on port 25 (or 587 for submission), you can manually walk through the email sending process and identify where failures occur.

Connecting to an SMTP Server

telnet mail.example.com 25

A working mail server responds with a greeting:

220 mail.example.com ESMTP Postfix

The 220 code indicates the server is ready to receive commands.

Basic SMTP Conversation

Follow this sequence to test email delivery:

EHLO testclient.local
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
Subject: Test Email

This is a test message.
.
QUIT

Each command receives a response code:

• 250: Command accepted
• 354: Ready for message data (after DATA command)
• 550: Mailbox unavailable or rejected
• 554: Transaction failed

What to Look For

SMTP debugging helps identify:

• Authentication requirements (530 errors)
• Relay restrictions (550 relaying denied)
• DNS issues (sender domain cannot be verified)
• Blacklisting (connection rejected based on IP)
• TLS requirements (STARTTLS needed)

This manual approach isolates problems that automated email clients obscure with generic "send failed" messages.

Telnet vs SSH: Understanding the Security Difference

While both telnet and SSH provide remote terminal access, their security models differ fundamentally. Understanding this difference explains why telnet should never be used for remote administration over untrusted networks.

Telnet Security Risks

Telnet transmits everything in plain text, including:

• Usernames and passwords
• Commands you type
• Output from the remote system
• Any data transferred during the session

Anyone monitoring network traffic between you and the server can capture this information. On shared networks or across the internet, this makes telnet extremely dangerous for authentication.

Why SSH Replaced Telnet

SSH (Secure Shell) addresses telnet's security weaknesses by providing:

• Encryption: All traffic is encrypted, protecting credentials and data
• Authentication: Supports passwords, keys, and multi-factor authentication
• Integrity: Detects tampering with transmitted data
• Port forwarding: Securely tunnel other protocols

For any remote administration task, use SSH instead of telnet.

When Telnet Is Still Appropriate

Telnet remains useful in specific scenarios:

• Port testing: Checking if services are running (no authentication involved)
• Protocol debugging: Manually testing SMTP, HTTP, or other text protocols
• Isolated networks: Air-gapped lab environments with no external access
• Legacy devices: Some network equipment only supports telnet (should be isolated)
• CTF challenges: Many capture-the-flag competitions include telnet services

The rule is simple: use telnet for testing and debugging, never for logging into systems with real credentials.

Legal and Ethical Considerations

Using telnet to connect to systems requires proper authorization. Even simple port testing can trigger security alerts or violate acceptable use policies.

Authorized Testing Scenarios

• Testing your own servers and infrastructure
• Troubleshooting services you administer
• Penetration testing with explicit written permission
• Bug bounty programs where port testing is in scope
• Educational labs and CTF competitions

What to Avoid

Do not use telnet to:

• Probe systems you do not own or have permission to test
• Attempt authentication on unauthorized systems
• Scan large numbers of hosts without authorization
• Bypass access controls or security measures

Unauthorized port scanning and connection attempts may violate computer crime laws in most jurisdictions. Even well-intentioned security testing requires explicit permission from the system owner.

Safe Practice Environments

Build your networking skills in environments designed for learning. HackerDNA labs provide safe spaces to practice telnet and other network tools without legal concerns. Our network penetration testing course teaches these techniques in controlled environments where you can experiment freely.

Frequently Asked Questions

How do I enable telnet on Windows 11?

Open Settings, go to Apps > Optional Features, click "View features," search for "Telnet Client," and install it. Alternatively, run Enable-WindowsOptionalFeature -Online -FeatureName "TelnetClient" in PowerShell as Administrator.

Why does telnet say "command not found" on Linux?

Telnet is not installed by default on most modern Linux distributions. Install it with sudo apt install telnet on Debian/Ubuntu or sudo dnf install telnet on Fedora/RHEL.

Is telnet still used in 2026?

Yes, but primarily for diagnostics and testing rather than remote access. Network administrators use telnet to test port connectivity, debug mail servers, and verify service availability. SSH has replaced telnet for secure remote administration.

How do I test if a port is open with telnet?

Run telnet hostname port (for example, telnet example.com 80). If you see "Connected," the port is open. "Connection refused" means the port is closed, and a timeout indicates the port is filtered or the host is unreachable.

What is the default telnet port?

Telnet uses port 23 by default when connecting for remote terminal access. However, when using telnet for port testing, you specify the target port explicitly to test any TCP service.

Can I use telnet to check if a website is running?

Yes. Run telnet website.com 80 (or port 443 for HTTPS). A successful connection confirms the web server is running. You can even send HTTP requests manually to see the server response, though for HTTPS you need tools that support TLS.

How do I telnet to a specific port?

Use the syntax telnet hostname port. For example, telnet mail.example.com 587 connects to port 587. The port number always comes after the hostname or IP address with a space between them.

How do I install telnet on Mac?

Install Homebrew if you have not already, then run brew install telnet. Alternatively, use the built-in netcat command: nc -vz hostname port for port testing or nc hostname port for interactive sessions.

Start Using Telnet for Network Testing

You now know how to use telnet for practical network diagnostics, from enabling the client on Windows and Linux to testing ports and debugging SMTP servers. The key points to remember: telnet is a diagnostic tool for testing connectivity, not a secure method for remote access. Always use SSH when logging into systems, and reserve telnet for quick port checks and protocol debugging.

Telnet's simplicity is its strength. When you need to quickly verify whether a service is listening on a port, a single telnet command provides an immediate answer. Combined with knowledge of common ports and protocols, this basic tool solves connectivity problems that would otherwise require complex debugging.

Ready to expand your network security skills? Explore our ethical hacking course to learn how professionals use telnet and other tools during security assessments. Understanding network protocols at this level builds the foundation for advanced penetration testing techniques.