Hiding SSH version string
I've read a number of times that people hide their ssh version string so that attackers don't know what version you are running. I've read the documentation and can't seem to figure out how to do this. Can somebody explain to me how this is done? Thank you so much! Cheers! Aaron ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hiding SSH version string
- Original Message - From: Aaron Dalton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 23, 2004 5:36 PM Subject: Hiding SSH version string | I've read a number of times that people hide their ssh version string so that | attackers don't know what version you are running. I've read the | documentation and can't seem to figure out how to do this. Can somebody | explain to me how this is done? Thank you so much! The hackers are likely to just try whatever exploit anyway. They'll even probably be thinking Oh, they're hiding their version... probably quite old :-) Best just to keep up to date. | | Cheers! | Aaron | ___ | [EMAIL PROTECTED] mailing list | http://lists.freebsd.org/mailman/listinfo/freebsd-questions | To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[Off-topic] Re: Hiding SSH version string
[Markie, 2004-07-23] The hackers are likely to just try whatever exploit anyway. They'll even probably be thinking Oh, they're hiding their version... probably quite old :-) Best just to keep up to date. I know that in modern English the word hacker has more than one meaning, but I think that at least within the community we should try to resist completely washing the word for its older meaning. You should use attacker er something similar instead. Sorry for beeing off-topic, just my two cents. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hiding SSH version string
Aaron Dalton [EMAIL PROTECTED] writes: I've read a number of times that people hide their ssh version string so that attackers don't know what version you are running. I've read the documentation and can't seem to figure out how to do this. Can somebody explain to me how this is done? Thank you so much! I don't recommend anyone actually do this, because a) it serves no purpose (it certainly doesn't make you any more secure, or even discourage any attackers) b) The version string is a part of the protocol itself, required by the protocol specification c) you will be making life harder for auditors, system administrators, and so If you're really determined, though, the strings are defined in /usr/src/crypto/openssh/version.h ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hiding SSH version string
On July 23, 2004 07:10 pm, Lowell Gilbert wrote: I don't recommend anyone actually do this, because a) it serves no purpose (it certainly doesn't make you any more secure, or even discourage any attackers) b) The version string is a part of the protocol itself, required by the protocol specification c) you will be making life harder for auditors, system administrators, and so If you're really determined, though, the strings are defined in /usr/src/crypto/openssh/version.h Thank you so much for the information! I didn't realize it was part of the protocol. It was something I had heard about but didn't understand. Thank you again for your help! -- Aaron Dalton http://aaron.daltons.ca ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]