Re: openssh

From: alexus (ml@db.nexgen.com)
Date: 03/16/02


From: "alexus" <ml@db.nexgen.com>
To: <vokeyc@aciworldwide.com>, "Christopher Schulte" <schulte+freebsd@nospam.schulte.org>
Date: Fri, 15 Mar 2002 18:29:01 -0500

I understand that changing banner won't increase any security, i'm asking if
it's possible to remove it at all, I do not want for this banner to be
appear at all, period.

----- Original Message -----
From: "Christopher Schulte" <schulte+freebsd@nospam.schulte.org>
To: "alexus" <ml@db.nexgen.com>; <vokeyc@aciworldwide.com>
Cc: <freebsd-security@FreeBSD.ORG>; <owner-freebsd-security@FreeBSD.ORG>
Sent: Friday, March 15, 2002 4:41 PM
Subject: Re: openssh

> At 04:34 PM 3/15/2002 -0500, alexus wrote:
> >however most of the scaners they just look at the versions and they
> >automaticly assume that this server can be exploited just for reaosn i
run
> >ssh 2.9.x
>
> And quite a few scanner will probe you no matter what banner is displayed.
>
> Changing the banner will not increase your security. Keeping up to date,
> using a packet filter, and having an IDS/backup will.
>
> --
> Christopher Schulte
> http://www.schulte.org/
> Do not un-munge my @nospam.schulte.org
> email address. This address is valid.
>
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: SSHD revelaing too much information.
    ... hundreds of machines and really don't see this as a problem. ... The 'green' banner does not attract any ... This goes against my security ... > networks) then make sure you're running a known secure version. ...
    (FreeBSD-Security)
  • FW: RE Modem identification
    ... Say the return in the banner looks like this: ... Extended ASCII characters into somtheing more readable. ... systems table to match up against what the modem is sending ... Global Integrity Information Security ...
    (Pen-Test)
  • RE: plugging old IIS FTP holes
    ... After weighing up the advantages of changing the banner (I could not ... think of any) I was also wondering if the integrity of the servers ... security can be compromised by running such tools to change banner (such ... plugging old IIS FTP holes ...
    (Focus-Microsoft)
  • [NT] Foundstone Fscan Format String Bug
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... malicious service banner overwriting the stack and the EIP on the PC ... - Foundstone Fscan version 1.12 for Windows ... The vendor was contacted on the 14th of April, ...
    (Securiteam)
  • CAPZLOCK SECURITY ADVISORY NO. 1
    ... CONFIDENTIAL INFORMATION - PLEASE DISTRIBUTE - CONFIDENTIAL INFORMATION ... This advisory is dedicated to the many hard-working penetrators ... in the security industry. ... Users can set the probability of displaying each banner. ...
    (Bugtraq)