On Tue, 2006-01-10 at 03:10, Mike Bo wrote: > Do a search on "OS fingerprinting" and you'll find tools (checkos, nmap, > etc.) which can determine a remote OS and version simply by observing the > behavior of the networking stack. But with SunSSH, you don't even need any > extra tools because the daemon itself betrays the host OS. When the string > changes, it will become even easier to script a version specific attack for > the latest Solaris or the FTP, BIND, or other utilities that it installs (or > includes on a companion CD).
Which is EXACTLY why hiding this in the banner printed by SSH is pointless. You do realise that if you change this the client and server may have interop problems with over clients and servers ? I will not be changing this in Solaris. However you are more than free to build your own version of SSH from the Sun modified sources that are available from opensolaris.org, or choose to run with a broken PAM implementation by using the current bits from OpenSSH. -- Darren J Moffat _______________________________________________ opensolaris-discuss mailing list [email protected]
