HPE Community
Operating System - HP-UX
1820592 Members
1825 Online
109626 Solutions
New Discussion

Version disclosure how to avoid it

 
chindi
Respected Contributor

‎08-06-2013 01:18 AM

‎08-06-2013 01:18 AM

Version disclosure how to avoid it

Hi ,

 

 

Information disclosure in banner grab reveals sensitive data, such as technical details of the web server, environment, or user-specific data. This sensitive data may be used by an attacker to exploit the target web application, its hosting network, or its users. This helps an attacker to launch target specific attacks.

 

We need to disable telnet ad ftp verisons , how do we do it ??

 

 

0 Kudos
Reply
9 REPLIES 9
Torsten.
Acclaimed Contributor

‎08-06-2013 02:22 AM

‎08-06-2013 02:22 AM

Re: Version disclosure how to avoid it

Better to disable telnet and ftp anyway. Use ssh and scp or sftp instead.


Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Reply
chindi
Respected Contributor

‎08-06-2013 03:35 AM

‎08-06-2013 03:35 AM

Re: Version disclosure how to avoid it

Hi ,

 

We already have disabled telnet , but when we check from our local network say through telnet 10.xx.xx.xx  22 the ssh version must not be displayed .

 

telnet 10.xx.xx.xx  22

OpenSSH 4.5p1sdtpfilecontrol-v1.1hpn12v14

0 Kudos
Reply
Torsten.
Acclaimed Contributor

‎08-06-2013 04:56 AM

‎08-06-2013 04:56 AM

Re: Version disclosure how to avoid it

Look for a "banner" optin in "/etc/ssh/sshd_config".

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Reply
chindi
Respected Contributor

‎08-06-2013 05:27 AM

‎08-06-2013 05:27 AM

Re: Version disclosure how to avoid it

Hi ,

Its nt working

 

I tried Banner /etc/issue 

/etc/issue contents as "TEST"

 

when i took a ssh session it showed up as ;

 

login as: root
TEST
Using keyboard-interactive authentication.

 

 

Its not my reqmnt.

My reqmnt is when am doing telnet to check port from a machine to that particular hpux 11iv2 server ,

telnet 10.xx.xx.xx 22

 

It must not display ssh version , only a blank screen must appear .

0 Kudos
Reply
Torsten.
Acclaimed Contributor

‎08-06-2013 05:37 AM

‎08-06-2013 05:37 AM

Re: Version disclosure how to avoid it

Not /etc/issue but the ssh_config file!

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Reply
chindi
Respected Contributor

‎08-06-2013 05:53 AM

‎08-06-2013 05:53 AM

Re: Version disclosure how to avoid it

Hi Torsten ,

 

grep "Banne" /opt/ssh/etc/sshd_config

 

Banner /home/test

 

cat /home/test

test

 

and again when am trying telnet 10.xx.xx.xx 22  from my local machine to this server am able to get the ssh version .

 

 

0 Kudos
Reply
chindi
Respected Contributor

‎08-06-2013 06:14 AM

‎08-06-2013 06:14 AM

Re: Version disclosure how to avoid it

Hi ,

 

We need to change open ssh banner here.

 

Need to edit this file as ;

Read in a forum .

 

root #/ >vim /opt/ssh/src/ssh/version.h
/* $OpenBSD: version.h,v 1.48 2006/11/07 10:31:31 markus Exp $ */

#define SSH_VERSION "OpenSSH_4.5"

#ifdef HP_SFTP_UMASK_FIX
#define SSH_PORTABLE "p1+sftpfilecontrol-v1.1"
#else
#define SSH_PORTABLE "p1"
#endif /* HP_SFTP_UMASK_FIX */

#ifdef HP_HPN_PATCH
#define SSH_HPN "-hpn12v14"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
#else
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
#endif /* HP_HPN_PATCH */

#ifdef HP_VERSION_STRING /* Here: for hp ssh version */
#include "hp_version.h"
#endif /* HP_VERSION_STRING */

0 Kudos
Reply
chindi
Respected Contributor

‎08-07-2013 01:19 AM

‎08-07-2013 01:19 AM

Re: Version disclosure how to avoid it

How to disable SSH version and Operating System banner ?

 

#telnet localhost 22

OpenSSH 4.5p1sdtpfilecontrol-v1.1hpn12v14
 

after a lot of research i have found that we cannot and should not disbale it.

since it is reqd for clients who connect this server.

0 Kudos
Reply
chindi
Respected Contributor

‎08-13-2013 06:03 AM

‎08-13-2013 06:03 AM

Re: Version disclosure how to avoid it

Hi Matti / Dennis ,

 

Waiting for your suggestions.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.