Security Basics mailing list archives

Re: Re[3]: HTTP Headers


From: List Spam <listspam () gmail com>
Date: Wed, 18 Jan 2006 10:24:06 -0800

On 1/17/06, Thierry Zoller <Thierry () zoller lu> wrote:

> LS> I would seriously caution against relying upon data presented by a
> LS> service banner - whether it be HTTP, FTP, SSH, whatever.
>
> AFAIK, the banner of SSH is part of protocol negotiation, changing it would
> result in problems. Thus for ssh you can rely on banners most of the
> time..

The protocol version needs to be present, but the server daemon
version can be changed.  While it is true that some clients interpret
the daemon specific banner information to determine how they will
communicate to a given daemon, the only required component is the
protocol version portion of the banner.  One example would be an edit
to version.h in the OpenSSH source.

Thanks for the clarification though as I wasn't concise with my info.
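
As an added illustration, not part of the original post: a Python parser for the SSH identification string as laid out in RFC 4253 section 4.2 (`SSH-protoversion-softwareversion SP comments`), which keeps the required protocol version separate from the freely editable software version. The function names and the sample greetings are constructed for this example.

```python
import re
from typing import NamedTuple, Optional

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
_IDENT = re.compile(
    rb"SSH-(?P<proto>[\x21-\x2c\x2e-\x7e]+)"   # printable ASCII, no space or '-'
    rb"-(?P<software>[\x21-\x7e]+)"            # lenient: '-' tolerated here
    rb"(?: (?P<comments>[\x20-\x7e]*))?"       # optional free-form comments
)
MAX_IDENT_LEN = 255  # RFC limit, counting the trailing CR LF


class SshIdent(NamedTuple):
    protoversion: str        # the part that negotiation actually depends on
    softwareversion: str     # operator-editable: treat as an unverified hint
    comments: Optional[str]


def parse_ident(data: bytes) -> SshIdent:
    """Return the first SSH identification line found in a server greeting."""
    for raw in data.split(b"\n"):
        if not raw.startswith(b"SSH-"):
            continue         # servers may send other lines before the ident
        if len(raw) + 1 > MAX_IDENT_LEN:
            raise ValueError("identification string exceeds 255 bytes")
        m = _IDENT.fullmatch(raw.rstrip(b"\r"))
        if m is None:
            raise ValueError("malformed identification string")
        proto, software, comments = (
            g.decode("ascii") if g is not None else None
            for g in m.group("proto", "software", "comments")
        )
        return SshIdent(proto, software, comments)
    raise ValueError("no SSH identification string in greeting")


def speaks_ssh2(ident: SshIdent) -> bool:
    """Decide from the protocol version only; 1.99 means 2.0 plus 1.x compat."""
    return ident.protoversion in ("2.0", "1.99")


# Constructed greetings: a stock-looking banner and one with an edited
# software version. Both negotiate identically.
STOCK = parse_ident(b"SSH-2.0-OpenSSH_4.2\r\n")
EDITED = parse_ident(b"notice line\r\nSSH-2.0-Example_0.0 build comment\r\n")
```

An inventory or scanner built on this would record `softwareversion` as a claim to be confirmed by other means, and base compatibility decisions on `protoversion` alone.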
