Reply With QuoteHi
I m sorry.I got the solution to the above asked problem of mine.If someone needs solution he/she is most welcome.
Thanx
Regards
Love Wadhwa
Hi
I tried to hide the openssh version nd somehow succeeded.The file version.h has two macros which are to be changed for hiding my version info.But this only hides version information from being revealed when i telnet on port 22.However if i run ssh -V ,it gives me again the correct version of openssh which i m trying to hide out.Kindly help me know the file where this has been picking up from
Regards
Love Wadhwa
redhat Certified engg.
Hi
I m sorry.I got the solution to the above asked problem of mine.If someone needs solution he/she is most welcome.
Thanx
Regards
Love Wadhwa
Can you post the solution, in case someone needs it in the future?
My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive.
Hi
by changing the version.h file and then running ssh -V it doesnot show ssh version but shows ssl version.To hide this out open the ssh.c file and search for
case 'V' and then make changes at the two macros being passed in it.
The two macros are SSH_RELEASE, SSLeay_version(SSLEAY_VERSION).delete it out and enter the information which u want to display in inverted commas.
Simply thats it.
Thanx
Regards
Love Wadhwa
Thanks!
My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive.
Depending on your distro, how would that affect your upgrade path? I mean, if your distro like Ubuntu don't know which version they have, how will it able to upgrade to the next secure version if you current version is known to be insecure (that happened a few years ago) via APT or YUM for FC. Is that mean you will have to manually update your SSH/SSL all the time?
I would expect the package manager of the distro to have a record of the installed packages, separate from the application files themselves.
My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive.
That is the point of package managers, as trickster stated. If the PM doesnt do that it is quite useless. The package should contain revision, including patchlevel. Since the binaries could get corrupted, the PM is to handle a DB containing the installed version and what files are included, and what dependencies are present for the binary(s).
Posting Permissions
Bookmarks