[wellylug] suppressing sshd connect string

Nigel Roberts nigel at nobiscuit.com
Fri Sep 10 11:22:23 NZST 2004


But what's the point?

As was pointed out in that news group post, you'll be attacked by
script kiddies looking for the same exploit regardless of ssh version.

You may as well set up port knocking or some such, if you really want
to be that secure.

On Thu, 09 Sep 2004 at 23:09:38 +0000, Simon . wrote:

> >From: David Antliff <dave.antliff at paradise.net.nz>
> >Reply-To: wellylug at lists.wellylug.org.nz
> >To: wellylug at lists.wellylug.org.nz
> >Subject: Re: [wellylug] suppressing sshd connect string
> >Date: Thu, 09 Sep 2004 23:02:53 +1200 (NZST)
> >
> >
> >
> >On Thu, 9 Sep 2004, jumbophut wrote:
> >>
> >> telnet ssh.on.my.box:443 &> /dev/null
> >>
> >> That ought to suppress the lot.  :-)
> >
> >I think he means 'suppress it for all connections' - so that people trying
> >to connect don't see it.
> 
> Yeah, thats right.
> 
> I've thought of a way to suppress it, by way of a very simple port proxy. 
> Incoming ssh connections connect to a port proxy which connects to the 
> sshd. Returning info is stripped of the version string, and an accompanying 
> port proxy on the client side provides the string for the ssh protocol.
> Messy? you bet.
> 
> _________________________________________________________________
> Watch movie trailers online with the Xtra Broadband Channel  
> http://xtra.co.nz/broadband
> 
> 
> -- 
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug




More information about the wellylug mailing list