 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On 6/27/07, Scott Ehrlich <scott-3s7WtUTddSA at public.gmane.org> wrote: > I just telnetted to my Ubuntu linux box's port 22 and saw its banner ID. You may also find nc useful :-) > How do I disable the banner? That banner is populated from within the binary. You can hexedit the binary to change it obviously, but I actually am unsure how to disable it or change it via a config. > I've tried creating an empty /etc/issue.net file, uncommenting Banner in > /etc/ssh/sshd_config, and issuing /etc/init.d/ssh restart. telnet > localhost 22 still shows the banner. That is for pre-login banner notice, which is not the same banner which is displayed to identify the server. I found my banner at offset 0x00046dda in /usr/sbin/sshd using hexdump -C | grep -i 4.6p1 Let us know if you find the real way to change it. However, I must ask why you are doing this, rather than using something like port knocking or other techniques. People can still identify your server using a tool called amap even if you disable the banner. So, banner-disabling is only going to keep out really dumb people...which I guess is enough for the majority :-) Check our portknockd or single packet authentication (SPA)... -- Kristian Hermansen -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
