Date: Wed, 21 Mar 2018 16:47:27 -0700 From: "Ronald F. Guilmette" <rfg@tristatelogic.com> To: freebsd-net@freebsd.org Subject: Same host or different? How can you tell "over the wire"? Message-ID: <5755.1521676047@segfault.tristatelogic.com>
index | next in thread | raw e-mail
"Kurt Buff" <kurt.buff@gmail.com > wrote: >Do you mean that the application banners for all applications are the >same? A comprehensive scan with nmap shows no differences? Correct. This is the case I was/am asking about. >I know you specified SSH as outside of the application layer, but I >would think if it's even to the point that the same SSH key (or >credentials) work for both machines, and upon login provide the same >hostname in the prompt In case it was not clear, none of the IPv4 addresses that are of interest, or that are relevant to my question, are ones for which *I* posses any type of SSH login credentials. But your question certainly raises an interesting possibility, and an interesting question... one that I myself am not at all equiped or qualified to answer (because I am almost totally ignorant about even the bare mechanics of the SSH protocol): How could one tickle an open SSH port and obtain from it not just its greeting banner (which may be, and often is, rather generic and non-specific) but also so as to get the host's host-specific public key? (Yes, I am indeed displaying an unforgivable level of laziness here. I can and most probably should, and most probably eventually -will- just go off now and read the relevant RFCs, but if anyone wants to save me the trouble, just for this one question, that would be appreciated.) >you'd have to dig and see if the NIC configs >show a difference, or perhaps that there are multiple NICs, or a >single NIC aliased with the IP addresses you're reviewing. Yes. This is yet a different way that the problem might be attacked. I am most interested in that last possibility you mentioned, and specifically I am interested in differentiating that case from all other possible cases. But I am far too ignorant of the relevant protocols to be able to work out a way to solve the problem this way, so if anyone might be willing to explain it to me, in detail, that also would be most appreciated.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5755.1521676047>