Re: Someone scanned my ssh daemon
On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
> > My Debian box:
> > Connection closed by foreign host.
> > tim@muffin:~> telnet xxxxxx.com 22
> > Trying 203.167.224.xxxx...
> > Connected to xxxxxx.com.
> > Escape character is '^]'.
> > SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
>
> To be brief, I don't usually come accross that there is an exploit for
> only effective to debian boxes. Plus, There are lots of ways to learn
> what distribution you are running on your machine. telnet xxxx.com 80
> and do some returns and you get the info you are running apache with
> php xxx support on debian box.
>
> This is not only ssh case.
Well, but for e.g. php I don't see why this is necessary. Anybody
wrote a doc on how to suppress unnecessary version-messages? I'd be
really interested in such things ...
Reply to: