Security Basics mailing list archives

Re: OpenSSH 4.3 Banner Masking

From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Thu, 28 Feb 2008 08:20:53 +0300

Hello Bit Bucket,

For masking OpenSSH banner follow these steps:

Step 1: Download the source file of OpenSSH (openssh-<version>.tar.gz)

Step 2: Unpack this source file in a single directory.

Step 3: In this directory, open 'version.h' file for editing.

Step 4: Now change the parameter

#define SSH_VERSION "OpenSSH_4.3"
to
#define SSH_VERSION "Undisclosed"

Step 5: Now compile and install this source code

Step 6: Cross check this, by telneting to port 22

The version number should now be stripped off.

Enjoy !!!

---
Nikhil Wagholikar
Information Security Analyst
NII Consulting
Web: http://www.niiconsulting.com/
Security Products: http://www.niiconsulting.com/products.html



On 27 Feb 2008 20:24:29 -0000, <my_bit_bucket () yahoo com> wrote:

Is there a way to mask the banner displayed by OpenSSH 4.3 connecting to the service by SSH?  For example, my test 
system displays "SSH-2.0-OpenSSH_4.3" when I "telnet [hostname] 22".


Thanks very much!


Regards,

Bit Bucket

Current thread:

OpenSSH 4.3 Banner Masking my_bit_bucket (Feb 27)
- Re: OpenSSH 4.3 Banner Masking Jeronimo Zucco (Feb 28)
- Re: OpenSSH 4.3 Banner Masking Dedi Dwianto (Feb 28)
- Re: OpenSSH 4.3 Banner Masking Nikhil Wagholikar (Feb 28)
- Re: OpenSSH 4.3 Banner Masking Terra Frost (Feb 28)
- Re: OpenSSH 4.3 Banner Masking 0x90 (Feb 28)