You can mask out the version number of the ssh package, but not the
protocol number. You can either edit the source before compiling to
change it or hexedit the sshd binary and replace the program version
number and other "useful" information (like whether you are using OpenSSH
versus lssh versus ssh, etc.)
-Jason
On Sat, 4 Mar 2000, Subba Rao wrote:
> Date: Sat, 4 Mar 2000 06:20:09 -0500
> From: Subba Rao <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: Telnet banner for SSHD
>
> On 0, Atro Tossavainen <[EMAIL PROTECTED]> wrote:
> > > On Thu, 24 Feb 2000, Subba Rao wrote:
> > >
> > >> I am using Open SSH on my system. Is there anyway to prevent the
> > >> SSHD from revealing the process name or version number?
> > >
> > > Yes, edit the file /etc/issue, and /etc/issue.net and put
> >
> > Would Subba have meant this originally?
> >
> > $ telnet (host) 22
> > Trying a.b.c.d...
> > Connected to host.
> > Escape character is '^]'.
> > SSH-1.99-2.0.13 (non-commercial)
> >
> > This, of course, cannot be prevented; the client needs this information.
> >
>
> Thanks Atro. You guessed what I meant. I wanted to hide the service name from
> port scanners and audit tools. Although the port number indicates the service, we
> should be able to hide the version number etc. In SSH, I did not know that the client
> needed this information.
>
> Thanks again.
>
> Subba Rao
> [EMAIL PROTECTED]
> http://pws.prserv.net/truemax/
>
> => Time is relative. Here is a new way to look at time. <=
> http://www.smcinnovations.com
>
AT&T Wireless Services
IT Security
UNIX Security Operations Specialist
