On Thu, Aug 16, 2001 at 02:29:24PM -0600, Apolis, Jeff wrote:
> Hello-
> I am trying to find the best way to prevent sshd from announcing the version
> number
> when someone connects the port 22.
>
> Currently it looks like this:
> $ telnet x.x.x.x 22
> Trying x.x.x.x ...
> Connected to x.x.x.x.
> Escape character is '^]'.
> SSH-1.99-OpenSSH_2.9p1
>
> ... well our security policy dictates that we obscure the version numbers of
> any running
> application when at all possible - to make a hacker's job just a little bit
> harder.
It really doesn't do anything significant. You are far, far better just making
sure that you are keeping up-to-date, applying security/bug fixes as they come,
and using the most recent versions of OpenSSH/SSH.
> Are there any negative side effects to doing this?
Yes. Read the thread here:
http://groups.google.com/groups?hl=en&safe=off&th=bbbd2572eeda2be8,10&seekm=3AED87B0.28B06403%40NOucsdSPAM.edu#p
-- Tim
