The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Removing SSH type/version broadcast

Discussion in 'General Discussion' started by FreedomNet, Aug 10, 2005.

  1. FreedomNet

    FreedomNet Active Member

    Joined:
    Mar 29, 2004
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Many vulnerablity scans and "secure/harden your server" tutorials recommend removing the type and version messages from the login/connect of common services to make it more difficult for hackers to know the contents of the server. Other posts have info on how to remove this for Apache, Exim and Bind, but I have not found anyplace to remove it for OpenSSH. Does anyone know how to prevent OpenSSH from indicating:
    SSH-1.99-OpenSSH_3.6.1p2
    and replacing with something like:
    SSH
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I'm not aware of a way. You'll probably have to go and have a trawl through the openssh documentation on their site.
     
  3. shashank

    shashank Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    159
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
  4. FreedomNet

    FreedomNet Active Member

    Joined:
    Mar 29, 2004
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Thanks for the info.

    The debian thread was interesting and I might have agreed with it back in 2002 when it looks like a lot of it was posted. Unfortunately, many of our clients are now being forced into using vulnerablity scanning services by the credit card industry and the last 4 services I have seen report the boradcast of OpenSSH type and version as a lower level vulnerablity that should be removed.

    Since it does not appear that OpenSSH shares this view, we'll stop looking for a way to remove it for now.

    Thanks again!
     
  5. shashank

    shashank Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    159
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    You are welcome :)
     
Loading...

Share This Page