[wellylug] suppressing sshd connect string

Simon . ahlee_youp at hotmail.com
Fri Sep 10 12:02:32 NZST 2004 

Security isnt the issue.


>From: Nigel Roberts <nigel at nobiscuit.com>
>Reply-To: wellylug at lists.wellylug.org.nz
>To: wellylug at lists.wellylug.org.nz
>Subject: Re: [wellylug] suppressing sshd connect string
>Date: Fri, 10 Sep 2004 11:22:23 +1200
>
>But what's the point?
>
>As was pointed out in that news group post, you'll be attacked by
>script kiddies looking for the same exploit regardless of ssh version.
>
>You may as well set up port knocking or some such, if you really want
>to be that secure.
>
>On Thu, 09 Sep 2004 at 23:09:38 +0000, Simon . wrote:
>
> > >From: David Antliff <dave.antliff at paradise.net.nz>
> > >Reply-To: wellylug at lists.wellylug.org.nz
> > >To: wellylug at lists.wellylug.org.nz
> > >Subject: Re: [wellylug] suppressing sshd connect string
> > >Date: Thu, 09 Sep 2004 23:02:53 +1200 (NZST)
> > >
> > >
> > >
> > >On Thu, 9 Sep 2004, jumbophut wrote:
> > >>
> > >> telnet ssh.on.my.box:443 &> /dev/null
> > >>
> > >> That ought to suppress the lot.  :-)
> > >
> > >I think he means 'suppress it for all connections' - so that people 
>trying
> > >to connect don't see it.
> >
> > Yeah, thats right.
> >
> > I've thought of a way to suppress it, by way of a very simple port 
>proxy.
> > Incoming ssh connections connect to a port proxy which connects to the
> > sshd. Returning info is stripped of the version string, and an 
>accompanying
> > port proxy on the client side provides the string for the ssh protocol.
> > Messy? you bet.
> >
> > _________________________________________________________________
> > Watch movie trailers online with the Xtra Broadband Channel
> > http://xtra.co.nz/broadband
> >
> >
> > --
> > Wellington Linux Users Group Mailing List: 
>wellylug at lists.wellylug.org.nz
> > To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>
>
>--
>Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
>To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug

_________________________________________________________________
Need more speed? Get Xtra JetStream  @ http://xtra.co.nz/jetstream

More information about the wellylug mailing list