As David indicates it is better to filter using ssh itself to not allow sshv1 connections.
Darren describes limited content filtering to track connections here: http://marc.theaimsgroup.com/?l=ipfilter&m=109924496029603&w=2 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Powers Sent: Tuesday, August 09, 2005 10:05 AM To: gros castor Cc: [email protected] Subject: Re: block sshv1 or sshv2 ? I'm not an ipfilter expert, but I can't think of a way you could do it. Even if you could, I can think of much better tools to do the job. Not the least of which would be to configure the ssh servers to only accept v2 connections. ;) -David gros castor wrote: >A "security expert" claims that it is possible with IPFILTER to choose >to block sshv1 and not to block sshv2. > >I don't agree because IPFILTER does his job on the layer 3 and 4. >Whereas SSH belongs to application layer. > >What do you think about this ? > >Thank you > > >
