Re: openssh security issue

U.SivaKumar_2 · ‎11-20-2002

Hi,

In Openssh , If you do this

#telnet xx.xx.xx.xx 22

It will display the complete version details of the openssh running..

I see this as a big security issue with openssh

regards,
U.SivaKumar

Innovations are made when conventions are broken

Michael Tully · ‎11-21-2002

That may be so.

I see and use 'openssh' as a tool to connect from a system inside your network to a system in DMZ environment. Having telnet turned off will accomplish this task for your system that is outside anyway.

As far as seeing the version etc, I am sure there are flags you could use to remove these should you wish to, if you compiled it yourself. Check out the options for this.

Anyone for a Mutiny ?

U.SivaKumar_2 · ‎11-21-2002

Hi,

Turning off telnet will not work . As I am connecting to port 22 with telnet , the firewall will allow the connection as it thinks it is a ssh connection.

There is no option for this in compillation.

regards,

U.SivaKumar

Innovations are made when conventions are broken

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: openssh security issue

openssh security issue

Re: openssh security issue

Re: openssh security issue