Jump to content

ssh version from web


joe7
 Share

Recommended Posts

I took the IP address of a website and append :22 to the end and got this return

SSH-2.0-OpenSSH_ver-num

The version is several versions old

I think that is bad because its telling a possible attacker what version of openSHH they are running so the attacker would know what exploits to try to run.

Then I ran curl to see what server software they are running

curl -I IP address
...
Server: Microsoft-IIS/6.0

This too is bad for the same reason. How can this information be hidden? Could a scanner have found this information? Does this information being available even matter?

Link to comment
Share on other sites

Yes on both cases.

OK so having ssh version and server software know is bad. Lets fix this.

You can disable IIS server headers according to this.

Thanks. That will be useful.

SSH, on the other hand, needs the version number to be sent so the client knows what it's dealing with.

Really? So that means there is no way to hide or fake the version without breaking things? Having a version reply show up in a web browser seems old for ssh. At least that should be disabled some how, but if a scanner can find the version then there is no point.

Link to comment
Share on other sites

Really? So that means there is no way to hide or fake the version without breaking things? Having a version reply show up in a web browser seems old for ssh. At least that should be disabled some how, but if a scanner can find the version then there is no point.

Err, upgrade?

Link to comment
Share on other sites

If your security relies on hiding the version number of the software that you are using then you have real problems.

Having version numbers picked up by scanners and other software can also help sysadmins keep track of what versions are in use and plan which ones to upgrade next.

Link to comment
Share on other sites

Also, not providing the version number does not stop attackers from trying recent exploits.

Which they will. Especially if it's on the perimeter of your network and it doesn't take any effort to get to it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...