[Gllug] compromised?

Tethys tet at accucard.com
Mon Feb 24 10:05:42 UTC 2003


James de Lurker writes:

>Oh - and make the software LIE or be unspecific about what version it
>is ( a simple telnet connection to port 22 and a couple of CRs will
>persuade a target system to yield too much information than can be
>good for it ).

Don't kid yourself. How many times does the "security through obscurity
doesn't work" mantra have to be repeated? Any halfway decent cracking script
will try to negotiate an SSH handshake to test what's on the end of an open
port, rather than just trusting what's reported in the banner. If it finds
an ssh daemon it's likely to try known exploits anyway, in case you're
lying about the version of sshd.

Tet

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list