Re: Block by client-version



I would like to be able to allow connections from all host IP's, but
be able to block connections from any client-versions that we have not
deployed. Is there a way to do this?

For example I've found, that almost all 'crackers' use 'libssh-0.2'
but our users use 'PuTTY-Release-XXXX' so we can freely block
'libssh-0.x'

we use:
# ssh -V
OpenSSH_4.7p1-hpn13v1, OpenSSL 0.9.8g 19 Oct 2007
# cat /etc/gentoo-release
Gentoo Base System release 1.12.11.1

--
Denis Kot
denis?jabber.org.by
ICQ: 13680126
Mobil: +375 29 6-1234-78



Relevant Pages

  • Re: ipchains too old?
    ... > get a firewall in place and set up snort or some other nids to keep an ... IPChains is still useful. ... but you can still block connections to ports that shouldn't be connected ... host but that are not intended to be available from other hosts. ...
    (comp.os.linux.security)
  • Re: ipchains too old?
    ... > get a firewall in place and set up snort or some other nids to keep an ... IPChains is still useful. ... but you can still block connections to ports that shouldn't be connected ... host but that are not intended to be available from other hosts. ...
    (comp.os.linux.security)