Re: Someone scanned my ssh daemon

To: debian-security@lists.debian.org
Subject: Re: Someone scanned my ssh daemon
From: "Stefan Neufeind" <stefan@neufeind.net>
Date: Mon, 16 Jun 2003 14:26:33 +0200
Message-id: <[🔎] 3EEDD399.590.10EE9E7@localhost>
In-reply-to: <[🔎] 20030616040033.GA29947@bilmuh.ege.edu.tr>
References: <[🔎] 1904.10.200.3.117.1055733656.squirrel@muffin.tsnz.net>

On 16 Jun 2003 at 7:00, Halil Demirezen wrote:

> > My Debian box:
> > Connection closed by foreign host.
> > tim@muffin:~> telnet xxxxxx.com 22
> > Trying 203.167.224.xxxx...
> > Connected to xxxxxx.com.
> > Escape character is '^]'.
> > SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
> 
> To be brief, I don't usually come accross that there is an exploit for
> only effective to debian boxes. Plus, There are lots of ways to learn
> what distribution you are running on your machine. telnet xxxx.com 80
> and do some returns and you get the info you are running apache with
> php xxx support on debian box. 
> 
> This is not only ssh case.

Well, but for e.g. php I don't see why this is necessary. Anybody 
wrote a doc on how to suppress unnecessary version-messages? I'd be 
really interested in such things ...

Reply to:

Follow-Ups:
- Re: Someone scanned my ssh daemon
  - From: Tomasz Papszun <tomek@lodz.tpsa.pl>

References:
- Re: Someone scanned my ssh daemon
  - From: "TiM" <tim@muppetz.com>
- Re: Someone scanned my ssh daemon
  - From: Halil Demirezen <halild@bilmuh.ege.edu.tr>

Prev by Date: Re: kernel-source 2.4.20 + grsecurity + freeswan
Next by Date: Re: Someone scanned my ssh daemon
Previous by thread: Re: Someone scanned my ssh daemon
Next by thread: Re: Someone scanned my ssh daemon
Index(es):
- Date
- Thread