Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 12 Sep 1999 13:13:44 -0400
From:      "Donald J . Maddox" <dmaddox@conterra.com>
To:        Hector Colmenares <zips@zips.net>
Cc:        Will Andrews <andrews@TECHNOLOGIST.COM>, Ben Smithurst <ben@scientia.demon.co.uk>, freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG, dev-null@ns1.digicomsystems.net, "Jeremy L. Ramirez" <jramirez@digicomsystems.net>
Subject:   Re: How to prevent motd including os info
Message-ID:  <19990912131344.B31706@dmaddox.conterra.com>
In-Reply-To: <Pine.BSF.4.10.9909121249460.21478-100000@justice.zips.net>
References:  <XFMail.990912111958.andrews@TECHNOLOGIST.COM> <Pine.BSF.4.10.9909121249460.21478-100000@justice.zips.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Is there a way to suppress the copyright info?  This is pretty much
a dead giveaway (At least that it's *BSD), huh?   See lines 14-15 below:

$ telnet dmaddox.conterra.com
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

dmaddox.conterra.com
Access Restricted

Today is Sun Sep 12 13:09:57 EDT 1999

login: myself
Password:
Last login: Sun Sep 12 13:07:17 from localhost
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights reserved.

Welcome to BogoDOS!
You have mail.
$ 


On Sun, Sep 12, 1999 at 12:56:39PM -0400, Hector Colmenares wrote:
> 
> 
> 	If you dont want people to know what OS are you running 
> 	when they telnet into your box just change to this the  info in
> 	/etc/gettytab 
> 
> default:\
>    :cb:ce:ck:lc:fd#1000:im=\r\n\%h\r\nAccess Restricted\
>    r\n\r\nFor info, email admin@%h\r\nToday is %d\r\n\r\n
> 
> 
> 	;-)
>  
> cheers !!
> 
> On Sun, 12 Sep 1999, Will Andrews wrote:
> 
> > 
> > On 12-Sep-99 Ben Smithurst wrote:
> > > Jeremy L. Ramirez wrote:
> > > 
> > >> telnet  stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd -h
> > >> 
> > >> what you are doing is adding the -h at the end of the line which prevents
> > >> a user from seeing the OS before even logging in.
> > > 
> > > An even better way is to disable telnet completely, and use ssh like you
> > > should. Note that people can still use nmap or something to guess at
> > > your OS.
> > > 
> > > -- 
> > > Ben Smithurst            | PGP: 0x99392F7D
> > > ben@scientia.demon.co.uk |   key available from keyservers and
> > >                          |   ben+pgp@scientia.demon.co.uk
> > > 
> > > 
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
> > 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990912131344.B31706>