From owner-freebsd-security Fri Mar 15 13:42:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from clink.schulte.org (clink.schulte.org [209.134.156.193]) by hub.freebsd.org (Postfix) with ESMTP id 2200637B416; Fri, 15 Mar 2002 13:42:50 -0800 (PST) Received: from schulte-laptop.nospam.schulte.org (nb-65.netbriefings.com [209.134.134.65]) by clink.schulte.org (Postfix) with ESMTP id 5704424438; Fri, 15 Mar 2002 15:42:48 -0600 (CST) Message-Id: <5.1.0.14.0.20020315153913.061b8ea8@pop3s.schulte.org> X-Sender: X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 15 Mar 2002 15:41:27 -0600 To: "alexus" , From: Christopher Schulte Subject: Re: openssh Cc: , In-Reply-To: <004701c1cc69$4131a710$0100a8c0@alexus> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 04:34 PM 3/15/2002 -0500, alexus wrote: >however most of the scaners they just look at the versions and they >automaticly assume that this server can be exploited just for reaosn i run >ssh 2.9.x And quite a few scanner will probe you no matter what banner is displayed. Changing the banner will not increase your security. Keeping up to date, using a packet filter, and having an IDS/backup will. -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message