Re: Securing the FreeBSD Console by removing OS Version
It was the /etc/motd file. I had already edited the file but failed to take out the top line. I was trying to make this harder than it really was. Thanks Ray On Fri, 2003-09-12 at 17:31, Matthew Seaman wrote: On Fri, Sep 12, 2003 at 03:44:14PM -0500, Ray Seals wrote: I don't want the console to display the OS version number. I have removed the %h variable from gettytab for my remote login users. Where can I remove this info from the Console screen? Edit /etc/motd ? If you've got an /etc/issue file (or whatever the if property in gettytab(5) is set to), that will be displayed before the login prompt, and it gets the same sort of % expansion as done for the im (initial banner message) or lm (login prompt) properties. See also /etc/login.conf where the 'welcome' property can be changes to point to a different file than /etc/motd Cheers, Matthew -- Ray Seals [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Securing the FreeBSD Console by removing OS Version
On Mon, Sep 15, 2003 at 09:35:31AM -0500, Ray Seals wrote: It was the /etc/motd file. I had already edited the file but failed to take out the top line. I was trying to make this harder than it really was. You realise that if someone can log in to the system they can trivially discover the OS and OS version by querying the kernel? As a security measure this change has zero benefit. Kris pgp0.pgp Description: PGP signature
Re: Securing the FreeBSD Console by removing OS Version
On Mon, 2003-09-15 at 13:48, Kris Kennaway wrote: You realise that if someone can log in to the system they can trivially discover the OS and OS version by querying the kernel? As a security measure this change has zero benefit. Yes, uname -a will do the trick. Here is what I wanted. I did not want the version to pop up on the console after boot. So I added the clear command to the /etc/issue. So, I want the console to look like this after the system is up and booted: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- security mumbo jumbo -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Login: Ray Seals [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re: Securing the FreeBSD Console by removing OS Version
Maybe you can edit your /etc/gettytab default:\ :cb:ce:ck:lc:fd#1000:im=\r\n\Some Text Here \r\n\r\n:sp#1200:\ :if=/etc/issue: then you can maybe also use figlet to generate some fancy text to your /etc/issue. You can also disallow users from accessing uname. hope this helps. On Mon, 2003-09-15 at 13:48, Kris Kennaway wrote: You realise that if someone can log in to the system they can trivially discover the OS and OS version by querying the kernel? As a security measure this change has zero benefit. Yes, uname -a will do the trick. Here is what I wanted. I did not want the version to pop up on the console after boot. So I added the clear command to the /etc/issue. So, I want the console to look like this after the system is up and booted: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- security mumbo jumbo -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Login: Ray Seals [EMAIL PROTECTED] ** Get your free E-Mail account at WWW.DIGITELONE.COM ** ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Securing the FreeBSD Console by removing OS Version
I don't want the console to display the OS version number. I have removed the %h variable from gettytab for my remote login users. Where can I remove this info from the Console screen? -- Ray Seals [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Securing the FreeBSD Console by removing OS Version
On Fri, Sep 12, 2003 at 03:44:14PM -0500, Ray Seals wrote: I don't want the console to display the OS version number. I have removed the %h variable from gettytab for my remote login users. Where can I remove this info from the Console screen? Edit /etc/motd ? If you've got an /etc/issue file (or whatever the if property in gettytab(5) is set to), that will be displayed before the login prompt, and it gets the same sort of % expansion as done for the im (initial banner message) or lm (login prompt) properties. See also /etc/login.conf where the 'welcome' property can be changes to point to a different file than /etc/motd Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature