Re: Someone scanned my ssh daemon
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Devin wrote:
| It looks as though someone is trying to crack my box through ssh.
OK, now I realise that it is an ssh scanner.
See: http://www.monkey.org/~provos/scanssh/
Why is it that the Debian version of sshd gives out any information
about its version number. Unless it is absolutely necessary for the
clients to connect, I would like my ssh daemon to give out no version
information to these scanners. Why doesn't debian do this by default?
Here is what my machine shows when I run scanssh against it:
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
So they know that I am running debian and what version of ssh I use! I
know that security through obscurity is no security, but I still don't
want to help any attackers. Anyone else have thoughts on this?
Regards.
Mark.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+7QqJL/zYpWVgapgRAlKNAJ9ttp2EXJTQOM0zbt4QxP9+9035FgCfecVc
gIRXdU/bu7D5WN/1s1La4Is=
=NZ2c
-----END PGP SIGNATURE-----
Reply to: