[plug] hiding service banner

Cameron Patrick cameron at patrick.wattle.id.au
Sat Aug 14 20:40:09 WST 2004 

Jon  Miller wrote:

> What I was looking for was a way to "hide" or "change" the
> information presented when a scan took place.  Wrong use of the word
> "hiding".

What Bill has suggested won't do that, though; the two messages take
place in quite different places in an SSH login.  e.g., in the output
below, the "This is node Mussel" warning is what Bill was talking
about, and the "remote software version OpenSSH_3.8.1p1 Debian
1:3.8.1p1-8.brb3" is what you want to change.

$ ssh -v ucc
OpenSSH_3.8.1p1 Debian 1:3.8.1p1-4, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /home/cameron/.ssh/config
debug1: Applying options for ucc
debug1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to mussel.waix.ucc.gu.uwa.edu.au [203.24.97.228] port 22.
debug1: Connection established.
debug1: identity file /home/cameron/.ssh/identity type -1
debug1: identity file /home/cameron/.ssh/id_rsa type 1
debug1: identity file /home/cameron/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.brb3
debug1: match: OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.brb3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes192-cbc hmac-md5 zlib
debug1: kex: client->server aes192-cbc hmac-md5 zlib
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'mussel.waix.ucc.gu.uwa.edu.au' is known and matches the RSA host key.
debug1: Found key in /home/cameron/.ssh/known_hosts:5
debug1: ssh_rsa_verify: signature correct
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
*-----------------------------------------------------------------------------*
|  This is node Mussel at The University of WA - for authorised clients only  |
|                                                                             |
| WARNING: Misuse of computer access can attract criminal penalties, civil    |
|          liability for third party loss and university disciplinary action. |
*-----------------------------------------------------------------------------*

debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/cameron/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149

Cameron.

More information about the plug mailing list