Login or Register to Ask a Question and Join Our Community


Solaris

How to hide SSH version

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris How to hide SSH version
# 1  
Old 02-14-2008
How to hide SSH version
I just been audited and one the recommendations is to hide the SSH version or give fake information.

I went to openssh.com they don't seem to have any info on how to fix this Smilie

Anybody knows how the heck can I hide the SSH version? The part which says [OpenSSH_4.7]


[root]# telnet localhost 22
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
# 2  
Old 02-14-2008
Download OpenSSH in source and make it without information about version. Look at config files into the source.
# 3  
Old 02-14-2008
I installed it as a 'package' downloaded from sunfreeware.com

is there any way I can avoid having to uninstall it and recompile everything again?

Is not just 1 box, it's abt 40+ boxes (potentially 1 weekend will be burnt & gone cased if I have to re-install everything)
# 4  
Old 02-14-2008
Quote:
Originally Posted by sparcguy
I just been audited and one the recommendations is to hide the SSH version or give fake information.

I went to openssh.com they don't seem to have any info on how to fix this Smilie

Anybody knows how the heck can I hide the SSH version? The part which says [OpenSSH_4.7]


[root]# telnet localhost 22
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
Hi,
One trick you could do, but really risky and may render your sshd 'unstable', is to use an hexeditor and look for the pattern then apply the change ...
But, if its for security reason, people tend to think such modification is futile and will give you no more safety since most "proggies" will always try to test your installation Smilie ...
# 5  
Old 02-14-2008
Assuming we are dealing with a Solaris system.

Even if you would manage to hide the information.

Do they want you to disable e.g. the "what", "pkginfo" and "od" command as well?

Change access rights to the full /var/sadm tree?

Manipulate the size of the ssh executable?

Someone who is smart enough to become a security risk just by knowing which version you run, is an equally big risk with any of the information provided by the commands or files above.

Who ever did the audit. Tell them to stop quoting what they read somewhere without knowing what it is about, and to pay you back whatever they charged you for the audit.
# 6  
Old 02-14-2008
Quote:
Originally Posted by sb008
Who ever did the audit. Tell them to stop quoting what they read somewhere without knowing what it is about, and to pay you back whatever they charged you for the audit.
I agree with this.
They want you to hide the version of ssh, but no issue with running telnet.
# 7  
Old 02-15-2008
Quote:
Originally Posted by sb008
Assuming we are dealing with a Solaris system.

Even if you would manage to hide the information.

Do they want you to disable e.g. the "what", "pkginfo" and "od" command as well?

Change access rights to the full /var/sadm tree?

Manipulate the size of the ssh executable?

Someone who is smart enough to become a security risk just by knowing which version you run, is an equally big risk with any of the information provided by the commands or files above.

Who ever did the audit. Tell them to stop quoting what they read somewhere without knowing what it is about, and to pay you back whatever they charged you for the audit.
Well I too agree with what you say as true but my bottom line is I have to pass this audit and my boss is anxious to pass the audit and so is the management, regardless of where they read up the info from internet, weather they are amatuer script kiddies or not THEY ARE THE AUDITORS and I have to comply.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How do I remove or hide SunOS version/release from remote login prompt?

For any SunOS 5.XX release, it appears prior to the "login:" prompt (as if a "uname" command is run). Would anyone know where that initial display of SunOS release comes from upon a remote login and how I can stop if from displaying? Thank you (4 Replies)
Discussion started by: ssid61
4 Replies

2. Programming

How to hide from UNIX strings - obfuscate or hide a literal or constant?

Hi, I need to somehow pipe the password to a command and run some SQL, for example, something like echo $password | sqlplus -s system @query01.sql To make it not so obvious, I decided to try out writing a small C program that basically just do echo $password. So now I just do x9.out | sqlplus... (8 Replies)
Discussion started by: newbie_01
8 Replies

3. Shell Programming and Scripting

Hide the output of spawn ssh user@server

Hi All, I have written one script, which is connecting 3 diffrent servers and executing script placed on those. It is smthing like: spawn ssh user@server1 expect "*? assword:" send "pw \r" expect "$" send " sh ./filename1 \r" expect "$" expect eof spawn ssh user@server2 expect "*?... (7 Replies)
Discussion started by: KDMishra
7 Replies

4. IP Networking

ssh version 1 problem please help

Hi guys please help with the following. $ssh -1 -vvv -l username -o "ForwardX11 yes" server.name netscape OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011 debug2: ssh_connect: needpriv 0 debug1: Connecting to server.address port 22. debug1: Connection established. debug1: identity file... (1 Reply)
Discussion started by: llcooljatt
1 Replies

5. Cybersecurity

Disable SSH 1.99 version?

Hello. My security audit reconise SSH 1.99 protocol version allowed. But in my sshd_config config is only: SSH version: How can I disable support for ssh protocol 1.99 version? (1 Reply)
Discussion started by: jabalv
1 Replies

6. Shell Programming and Scripting

Help to hide shell terminal and run prompt program after ssh login for specified user

Hey guys, I have some task from my office to lock user on the specified directory after the user logged on using ssh. And then run prompt program to fill the required information. Yeah, just like an ATM system. My question: How could I do those?? AFAIK I have to edit the ~./bashrc. But the... (1 Reply)
Discussion started by: franzramadhan
1 Replies

7. AIX

SSH Protocol Version 1

SSH Protocol Version 1 Session Key Retrieval Disable compatibility with version 1 of the protocol can any one advice in this regard and how can I Disable compatibility with version 1 of the protocol Pls advice .. (2 Replies)
Discussion started by: Mr.AIX
2 Replies

8. UNIX for Dummies Questions & Answers

SSH version of rlogin (ie without password prompt)

I have 3 Solaris 10 UNIX servers, the shadow and passwd file are all identical and are automatically sync every 5 minutes. A majority of the users do not have CLI access but rather use a menu. I currently have menu options that allows them to rlogin to another server and I need to have the... (1 Reply)
Discussion started by: creedonjm
1 Replies

9. Solaris

command to know ssh version

Hi, I want to know the command to know ssh version on solaris (1 Reply)
Discussion started by: manoj.solaris
1 Replies

10. Solaris

ssh version

Which version of SSH is this ssh -V SSH Version Sun_SSH_1.0, protocol versions 1.5/2.0. (2 Replies)
Discussion started by: csaunders
2 Replies
Login or Register to Ask a Question