Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] How2 getting sshd quiete
from my baseline; sorry it's in Dutch:
Bij het compileren van de software verdient het aanbeveling het versienummer
en bijbehorende tekst in de file version.h ‘#define SSH_VERSION
"OpenSSH_3.0.2p1"’ te veranderen voor een bogus-tekst. Hierdoor kunnen
hackers niet meer de gebruikte ssh-versie achterhalen om daar misbruik van
te maken.



So, change versiontext in string ‘#define SSH_VERSION "OpenSSH_3.0.2p1" in
sourcefile version.h to a bogus text

you should upgrade your ssh anyhow, so just change the source and then
compile ;-)



cheers.



----- Original Message -----
From: "Michael Appeldorn" <appeldorn@xxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Sunday, February 03, 2002 9:51 AM
Subject: [suse-security] How2 getting sshd quiete


> Hi list,
>
> if i telnet against a sshd like this
>
> telnet 192.168.1.2 22
>
> i'll get e.g. that:
>
> Trying 192.168.1.2...
> Connected to 192.168.1.2.
> Escape character is '^]'.
>
> SSH-2.0-OpenSSH_2.99.99p5
> ^^^^^^^^^^^^^^^^^^^^^^^^
>
> How2 suppress this output. Hopefully without any recompile?
>
> echo "1" > \proc\sys\net\SECURITY_THROUGH_OBSCURITY
>
> Michael Appeldorn
>
>
>
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>



< Previous Next >
References