[wellylug] suppressing sshd connect string

Phillip Hutchings sitharus at gmail.com
Fri Sep 10 12:19:25 NZST 2004 

Then why bother? Most clients like knowing what they're talking to...


On Fri, 10 Sep 2004 00:02:32 +0000, Simon . <ahlee_youp at hotmail.com> wrote:
> Security isnt the issue.
> 
> >From: Nigel Roberts <nigel at nobiscuit.com>
> >Reply-To: wellylug at lists.wellylug.org.nz
> >To: wellylug at lists.wellylug.org.nz
> >Subject: Re: [wellylug] suppressing sshd connect string
> >Date: Fri, 10 Sep 2004 11:22:23 +1200
> 
> 
> >
> >But what's the point?
> >
> >As was pointed out in that news group post, you'll be attacked by
> >script kiddies looking for the same exploit regardless of ssh version.
> >
> >You may as well set up port knocking or some such, if you really want
> >to be that secure.
> >
> >On Thu, 09 Sep 2004 at 23:09:38 +0000, Simon . wrote:
> >
> > > >From: David Antliff <dave.antliff at paradise.net.nz>
> > > >Reply-To: wellylug at lists.wellylug.org.nz
> > > >To: wellylug at lists.wellylug.org.nz
> > > >Subject: Re: [wellylug] suppressing sshd connect string
> > > >Date: Thu, 09 Sep 2004 23:02:53 +1200 (NZST)
> > > >
> > > >
> > > >
> > > >On Thu, 9 Sep 2004, jumbophut wrote:
> > > >>
> > > >> telnet ssh.on.my.box:443 &> /dev/null
> > > >>
> > > >> That ought to suppress the lot.  :-)
> > > >
> > > >I think he means 'suppress it for all connections' - so that people
> >trying
> > > >to connect don't see it.
> > >
> > > Yeah, thats right.
> > >
> > > I've thought of a way to suppress it, by way of a very simple port
> >proxy.
> > > Incoming ssh connections connect to a port proxy which connects to the
> > > sshd. Returning info is stripped of the version string, and an
> >accompanying
> > > port proxy on the client side provides the string for the ssh protocol.
> > > Messy? you bet.
> > >
> > > _________________________________________________________________
> > > Watch movie trailers online with the Xtra Broadband Channel
> > > http://xtra.co.nz/broadband
> > >
> > >
> > > --
> > > Wellington Linux Users Group Mailing List:
> >wellylug at lists.wellylug.org.nz
> > > To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
> >
> >
> >--
> >Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> >To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
> 
> _________________________________________________________________
> Need more speed? Get Xtra JetStream  @ http://xtra.co.nz/jetstream
> 
> 
> 
> 
> --
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
> 



-- 
Phillip Hutchings
http://www.sitharus.com/
sitharus at gmail.com / sitharus at sitharus.com

More information about the wellylug mailing list