Thanks to all that replied.
[Original Question]
> is there a way to remove the default banner that appears
> when people establish telnet or ftp connections?
>
> e.g.:
>
> Compaq Tru64 UNIX V5.0 (Rev. 910) (gimli) (pts/1)
>
> and
>
> Connected to gimli
> 220 gimli FTP server (Compaq Tru64 UNIX Version 5.60) ready.
> Name (gimli:rauld):
>
> Doesn't this type of OS announcement represent a security issue?
[Solutions]
The telnet banner can be removed by adding this line to the file
/etc/gettydefs
default#B9600#B9600#\n#default
I can't say if this works or not - I haven't done it yet.
However, more than one person suggested this fix.
As for FTP, there was only one idea for fixing this ...
basically obtain source code for some other ftpd, hack the code,
compile and replace the stock ftpd.
It seems like there would be a better way to do this!
Finally, with respect to security, I have to admit that my last question
was a bit rhetorical. I am aware of the fact that there are plenty of
tools out there that can fingerprint your OS.
Given that, however, it doesn't seem like the _BEST_ policy to go around
fully advertising your OS. Why not make it as hard as possible for the little
script kiddies. Most security papers I've read suggest removing such
banners as a first attempt at making networks more secure.
Thanks again to all that responded,
Russ
Received on Wed Sep 27 2000 - 15:12:08 NZST