From: maarten van den Berg (maartenvbvb.nl)
Date: Fri Feb 20 2004 - 16:20:23 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Friday 20 February 2004 16:04, Kai Pfeiffer wrote:
> Hello list,
>
> according to Stefans question to the topic "apache Header" I have the same
> question for Mysql and Openssh. Is it possible to keep them more quiet if
> my box is scanned by eg. nmap.I use rpm's from suse.

Hm. Openssh version changing sounds impossible to me; because the handshake
includes various version and protocol- babble (see 'ssh -v ...') I doubt you
could "just change" things; then the handshake is liable to fail somewhere.

On the subject of mysql, you should seriously consider NOT opening the mysql
port at all. And if you really must insist, firewall it off then for all but
the handful of hosts that need that access.
And thus, you won't need any version-tweaking anymore.

In general, as said by others, hiding or changing the versions don't get you
much. It's analogous to filing off the brand of the lock on your front door.
It won't help you; firstly because most lock-picking sets will work on it
anyhow, and secondly, a real pro knows at one glance what brand, type and
make of lock you have without even needing any brand on it.

Greetings
Maarten

> Thanks
>
> Kai Pfeiffer

--
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]