service version disclosure

Sam Varshavchik mrsam at courier-mta.com
Sat Jan 7 14:44:41 UTC 2012


Reindl Harald writes:

>
>
> On 07.01.2012 08:02, Digimer wrote:
> >> I know about the pros and cons for obscurity
> >>
> >> but I also know that from "SSH-2.0-OpenSSH_5.8" only "SSH-2.0"
> >> is relevant for clients and having backports in mind this must
> >> be the truth because if the whole version mattered all
> >> LTS distributions would be broken by design
> >
> > This doesn't change the fundamental point;
> >
> > You are asking for a significant change in behaviour to a program that
> > who-knows-how-many apps use, for no real reason other than to make a
> > client feel better.
>
> no, one key of security is to provide as little information as
> absolutely necessary, not only for sshd, but for every single
> service
>
> in the best case no single foreign person has an idea
> what software you are currently running, not what OS
> nor what service-software and at least no exact version

Ok, then why are you even running ssh on the default port?

