Re: FTP-SSL
On Wed, Dec 18, 2002 at 03:38:22AM -0800, Rick Moen wrote:
> > why not use sftp(1) ?
>
> Why not use scp, optionally with the various graphical front-ends that
> exist on the client side? All known options for various OSes are
> included here: http://linuxmafia.com/pub/linux/security/ssh-clients
>
> (It's a great deal more universally supported than is sftp.)
Because sftp(1) understands a set of commands similar to those of ftp(1).
It may also use many features of ssh.
I think it's easier for him.
just my 2 cents.
//xavier
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network [EMAIL PROTECTED]
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
pgp6pB7auEZPz.pgp
Description: PGP signature
Re: FTP-SSL
On Wed, Dec 18, 2002 at 10:53:45AM +0100, Yahoo wrote:
> I am interesting to setup a ftp daemon with SSL option,
> which is an useful option ???
> and I need some ftp-ssl client for windows 2000, is there anyone free ?
why not use sftp(1) ?
//xavier
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network [EMAIL PROTECTED]
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
pgprCmjTZLT64.pgp
Description: PGP signature
Re: FTP-SSL
On Wed, Dec 18, 2002 at 03:38:22AM -0800, Rick Moen wrote:
> > why not use sftp(1) ?
>
> Why not use scp, optionally with the various graphical front-ends that
> exist on the client side? All known options for various OSes are
> included here: http://linuxmafia.com/pub/linux/security/ssh-clients
>
> (It's a great deal more universally supported than is sftp.)
Because sftp(1) understands a set of commands similar to those of ftp(1).
It may also use many features of ssh.
I think it's easier for him.
just my 2 cents.
//xavier
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network [EMAIL PROTECTED]
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
msg08239/pgp0.pgp
Description: PGP signature
Re: FTP-SSL
On Wed, Dec 18, 2002 at 10:53:45AM +0100, Yahoo wrote:
> I am interesting to setup a ftp daemon with SSL option,
> which is an useful option ???
> and I need some ftp-ssl client for windows 2000, is there anyone free ?
why not use sftp(1) ?
//xavier
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network [EMAIL PROTECTED]
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
msg08232/pgp0.pgp
Description: PGP signature
Re: ssh "banner"
issue(5) might help some of you about pre-login banner and daemon(s)
banner version.
-xavier
On Fri, Oct 18, 2002 at 03:30:01PM +0200, Tobias Rosenstock wrote:
> edit /etc/ssh/sshd_config and put a comment mark (#) at the beginning of
> the line that says
> Banner /etc/issue.net
> or something like that.
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
pgpU0TExwL8R9.pgp
Description: PGP signature
Re: ssh "banner"
This won't do the trick, AFAIK it will only display /etc/issue.net
content before the password prompt, but wont change/hide the version
of the sshd when telnet'ing localhost || ip on port 22.
-xavier
> Edit sshd_config
>
> find the line with something like
>
> Banner /etc/issue.net
>
> and set
>
> # Banner /etc/issue.net
>
> killall -9 sshd
>
> done
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
pgpy6uPbEiLKT.pgp
Description: PGP signature
Re: ssh "banner"
You can still have a look there:
http://groups.google.com/groups?selm=cy9se16re.fsf%40zeus.theos.com&output=gplain
for an answer, but would be better to not touch it.
If you can restrict the access to port 22 for a few ip's, do it and block
the rest. Will save you some sleepless nights if you'r _that_ worried about
showing off your sshd version.
cheers,
-xavier
On Fri, Oct 18, 2002 at 02:58:44PM +0200, [EMAIL PROTECTED] wrote:
> Woody
>
> host:/home/przemol>telnet 192.168.x.y ssh
> Trying 192.168.x.y...
> Connected to 192.168.x.y.
> Escape character is '^]'.
> SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
>
> How can I disable the message ?
>
> przemol
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
pgpj4ihs6fYum.pgp
Description: PGP signature
Re: ssh "banner"
issue(5) might help some of you about pre-login banner and daemon(s)
banner version.
-xavier
On Fri, Oct 18, 2002 at 03:30:01PM +0200, Tobias Rosenstock wrote:
> edit /etc/ssh/sshd_config and put a comment mark (#) at the beginning of
> the line that says
> Banner /etc/issue.net
> or something like that.
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
msg07452/pgp0.pgp
Description: PGP signature
Re: ssh "banner"
You can still have a look there:
http://groups.google.com/groups?selm=cy9se16re.fsf%40zeus.theos.com&output=gplain
for an answer, but would be better to not touch it.
If you can restrict the access to port 22 for a few ip's, do it and block
the rest. Will save you some sleepless nights if you'r _that_ worried about
showing off your sshd version.
cheers,
-xavier
On Fri, Oct 18, 2002 at 02:58:44PM +0200, [EMAIL PROTECTED] wrote:
> Woody
>
> host:/home/przemol>telnet 192.168.x.y ssh
> Trying 192.168.x.y...
> Connected to 192.168.x.y.
> Escape character is '^]'.
> SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
>
> How can I disable the message ?
>
> przemol
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
msg07445/pgp0.pgp
Description: PGP signature
Re: ssh "banner"
This won't do the trick, AFAIK it will only display /etc/issue.net
content before the password prompt, but wont change/hide the version
of the sshd when telnet'ing localhost || ip on port 22.
-xavier
> Edit sshd_config
>
> find the line with something like
>
> Banner /etc/issue.net
>
> and set
>
> # Banner /etc/issue.net
>
> killall -9 sshd
>
> done
>
--
Xavier Santolaria [EMAIL PROTECTED]
Alldas.org IT-Security Information Network http://xs.alldas.org
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
msg07439/pgp0.pgp
Description: PGP signature
Re: Port 1433
Microsoft SQL server listens on 1433.
You might prolly want to check this:
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0039.html
for the advisory.
cheers,
xavier
On Sat, Aug 03, 2002 at 06:06:03PM +0100, Dale Amon wrote:
> What would be interesting about Port 1433? I seem to be seeing
> hits on it on different, well seperated networks. Is it a
> destination for worms and virii?
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
--
[ Xavier Santolaria | Alldas.org ]
[ developer | IT-Security Information Network ]
[| http://www.alldas.org ]
GPG Key ID : 0xB668B742
Fingerprint: 6458 1D5C D692 7962 5C75 3253 7E24 3556 B668 B742
perl -we '$|=1;print 1;@a=qw(\ | / -);while(){for($i=0;$i<@a;$i++)
{print"\b$a[$i]";select undef,undef,undef,.1}}print"\n"'
