Am 07.01.2012 15:44, schrieb Sam Varshavchik: >> no, one keys of security is to provide as less informations as >> absolutely necessary, not only for sshd, for every single >> service >> >> in the best case no single foreign person has an idea >> what software you are currently running, not what OS >> nor what service-software and at least no exact version > > Ok, then why are you even running ssh on the default port? do i this? no i do not! so please do not make any assumptions out of the blue! ssh is running on a hidden port, only accepting key-auth and only accepting exactly 3 users for login and allows only 30 connections per minute - said that about my knowledge to setup a service properly and that is why i am pissed of get "Medium" alerts only because sshd is spiting out his version and no it does not interest me if a 10 years old client could have any problems - such old clients have to be updated or deleted as soon as possible from security point of view i, and only i am responsible for the machines so why do i not have a option only "SSH-2.0-OpenSSH" provide to a anonymous client?
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
