Re: BSD display
Hi Steve, Nothing can stop a hacker who really wants your box, but most of the annoyances are script kiddies. Script kiddies when things get tough tend to move on to another system. So whatever I can to not help script kiddies is to my advantage. This might be true, yes. They might not care and try every trick in their toolkit. One of my 'problems' with this approach lies with the move on to another system. So now they're hitting on *my* systems... ;-) Someone, somewhere has to deal with these creatures and get them caught/slapped in the face/buttkicked. I report whenever I can, which is all I can do, I guess. Plus (back to the original topic), if we both upgrade regularly, whose box is more secure? Yours or mine? :-) Bye... Nico ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSD display
On Wed, Sep 08, 2004 at 05:00:48PM +0200, Ruben de Groot wrote: On Wed, Sep 08, 2004 at 06:33:03AM -0700, steveb99 typed: Thank you that was my motivation is security. Same as you don't display the last name that logged on, it gives a hacker half the info they need to crack an account. Displaying the OS helps a hacker know which approach cracking into a box. Edit /etc/ssh/sshd_config and change the line: #VersionAddendum FreeBSD-20030924 to something like: VersionAddendum GO-AWAY! than restart sshd. cheers, Ruben Yes, this seems to work. Notice that this won't help OpenBSD people, as they are the only ones who do not have the p (for portable) in their OpenSSH version number. You'd still know they are running OpenBSD. :-) GH ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSD display
Harald, Well I don't want to get into any courtsy controversies or licensing gimmicks. But what the steve said has a good point. Lets think it that way that just a casual onlooker cant make out what OS and version is running on the box. It makes the life of a cracker just a little more difficult. However more promising guyz and galz can find it out anyway. Regards S. On Wed, 8 Sep 2004 05:52:30 +0200, Harald Schmalzbauer [EMAIL PROTECTED] wrote: Am Mittwoch, 8. September 2004 05:41 schrieb steveb99: I don't like the OS name and version displayed with logging to ssh or Best would be to use anythig else which you like. And after that you could read your offending mail again and sitting ashamed in the corner for a loong loong time other areas. Where to I eliminate or change the text of the message being displayed? Nowhere! That's one of the things you have to keep if you're using BSD-Licensed code :) Alternatively you're welcome to contribute youre code! -Harry Steve Barnette ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: BSD display
Thank you that was my motivation is security. Same as you don't display the last name that logged on, it gives a hacker half the info they need to crack an account. Displaying the OS helps a hacker know which approach cracking into a box. Thanks, Steve Barnette -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Subhro Sent: Wednesday, September 08, 2004 2:58 AM To: Harald Schmalzbauer Cc: [EMAIL PROTECTED] Subject: Re: BSD display Harald, Well I don't want to get into any courtsy controversies or licensing gimmicks. But what the steve said has a good point. Lets think it that way that just a casual onlooker cant make out what OS and version is running on the box. It makes the life of a cracker just a little more difficult. However more promising guyz and galz can find it out anyway. Regards S. On Wed, 8 Sep 2004 05:52:30 +0200, Harald Schmalzbauer [EMAIL PROTECTED] wrote: Am Mittwoch, 8. September 2004 05:41 schrieb steveb99: I don't like the OS name and version displayed with logging to ssh or Best would be to use anythig else which you like. And after that you could read your offending mail again and sitting ashamed in the corner for a loong loong time other areas. Where to I eliminate or change the text of the message being displayed? Nowhere! That's one of the things you have to keep if you're using BSD-Licensed code :) Alternatively you're welcome to contribute youre code! -Harry Steve Barnette ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.752 / Virus Database: 503 - Release Date: 9/3/2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSD display
On Wed, Sep 08, 2004 at 06:33:03AM -0700, steveb99 typed: Thank you that was my motivation is security. Same as you don't display the last name that logged on, it gives a hacker half the info they need to crack an account. Displaying the OS helps a hacker know which approach cracking into a box. Edit /etc/ssh/sshd_config and change the line: #VersionAddendum FreeBSD-20030924 to something like: VersionAddendum GO-AWAY! than restart sshd. cheers, Ruben Thanks, Steve Barnette -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Subhro Sent: Wednesday, September 08, 2004 2:58 AM To: Harald Schmalzbauer Cc: [EMAIL PROTECTED] Subject: Re: BSD display Harald, Well I don't want to get into any courtsy controversies or licensing gimmicks. But what the steve said has a good point. Lets think it that way that just a casual onlooker cant make out what OS and version is running on the box. It makes the life of a cracker just a little more difficult. However more promising guyz and galz can find it out anyway. Regards S. On Wed, 8 Sep 2004 05:52:30 +0200, Harald Schmalzbauer [EMAIL PROTECTED] wrote: Am Mittwoch, 8. September 2004 05:41 schrieb steveb99: I don't like the OS name and version displayed with logging to ssh or Best would be to use anythig else which you like. And after that you could read your offending mail again and sitting ashamed in the corner for a loong loong time other areas. Where to I eliminate or change the text of the message being displayed? Nowhere! That's one of the things you have to keep if you're using BSD-Licensed code :) Alternatively you're welcome to contribute youre code! -Harry Steve Barnette ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.752 / Virus Database: 503 - Release Date: 9/3/2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSD display
Hi Steve, Displaying the OS helps a hacker know which approach cracking into a box. This may be true. OTOH, not displaying the version of [insert software package of the day here] may invite a 'hacker' to pull a full-scale all-out number on you, trying every possible exploit he can get his hands on. Or simply DDoS you out of this universe. Or launch whatever OS-agnostic attack can be performed. I'm sure there have been long discussions over this 'security by obscurity' thing *somewhere*... ;-) Buhbye... Nico P.S. I guess nothing beats common sense coupled with regular upgrading. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: BSD display
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nico Meijer Sent: Wednesday, September 08, 2004 8:59 AM To: [EMAIL PROTECTED] Subject: Re: BSD display Hi Steve, Displaying the OS helps a hacker know which approach cracking into a box. This may be true. OTOH, not displaying the version of [insert software package of the day here] may invite a 'hacker' to pull a full-scale all-out number on you, trying every possible exploit he can get his hands on. Or simply DDoS you out of this universe. Or launch whatever OS-agnostic attack can be performed. I'm sure there have been long discussions over this 'security by obscurity' thing *somewhere*... ;-) Nothing can stop a hacker who really wants your box, but most of the annoyances are script kiddies. Script kiddies when things get tough tend to move on to another system. So whatever I can to not help script kiddies is to my advantage. Steve B. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSD display
Am Mittwoch, 8. September 2004 05:41 schrieb steveb99: I don't like the OS name and version displayed with logging to ssh or Best would be to use anythig else which you like. And after that you could read your offending mail again and sitting ashamed in the corner for a loong loong time other areas. Where to I eliminate or change the text of the message being displayed? Nowhere! That's one of the things you have to keep if you're using BSD-Licensed code :) Alternatively you're welcome to contribute youre code! -Harry Steve Barnette ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
