Date: Sat, 24 Mar 2001 01:04:52 -0300 From: "Duwde (Fabio V. Dias)" <duwde@duwde.com.br> To: freebsd-stable@freebsd.org Subject: sshd revealing too much stuff. Message-ID: <3ABC1CE3.F9486F2D@duwde.com.br>
next in thread | raw e-mail | index | archive | help
Hi. (PLEASE REPLY TO MY MAIL AS WELL, I'M NOT SUBSCRIBED) As of 2001/03/22 we have the following : cat /usr/src/crypto/openssh/version.h -- /* $FreeBSD: src/crypto/openssh/version.h,v 1.1.1.1.2.4 2001/03/22 00:30:56 green Exp $ */ /* $OpenBSD: version.h,v 1.13 2000/10/16 09:38:45 djm Exp $ */ #define SSH_VERSION "OpenSSH_2.3.0 green@FreeBSD.org 20010321" -- And sshd prints the complete SSH_VERSION to anyone. -- telnet somewhere.running.latest.stable Connected to somewhere.running.latest.stable. Escape character is '^]'. SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org 20010321 -- Why this "green@FreeBSD.org 20010321" has been added ? With that, there is no need for OS Fingerprinting. You've got the OS that the host is running AND its sshd EXACT date of last modification by freebsd team. My 0.1 cent... -- Fabio Vilan Dias / Duwde <duwde@duwde.com.br> PGP key @ http://www.duwde.com.br/duwdepgp.asc FP = BB35 50F2 7F83 655D 6B11 F0A2 F8E2 FF3D To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ABC1CE3.F9486F2D>