Very Computer

Howdy,

I already had asked this question before and somebody gave me an answer, but
it's been a while and my brain isn't what it used to be, so here is the
question again:

How do I get rid of the "FreeBSD/i386" banner in both the "telnet" and the
sshd login screens?  (Purpose is to not let everybody know what OS I am
running, at least not right away =-)).

TIA,

Simon Chang

Quote:> Howdy,

> I already had asked this question before and somebody gave me an answer, but
> it's been a while and my brain isn't what it used to be, so here is the
> question again:

> How do I get rid of the "FreeBSD/i386" banner in both the "telnet" and the
> sshd login screens?  (Purpose is to not let everybody know what OS I am
> running, at least not right away =-)).

I am NOT a security expert, but this is the way that I get rid of the
OS indicator:

In /etc/inetd.conf, there is a line for telnetd.   Add to the end of that line a switch
of -h, and it won't indicate FreeBSD anymore.

John

Quote:>Howdy,

>I already had asked this question before and somebody gave me an answer, but
>it's been a while and my brain isn't what it used to be, so here is the
>question again:

>How do I get rid of the "FreeBSD/i386" banner in both the "telnet" and the
>sshd login screens?  (Purpose is to not let everybody know what OS I am
>running, at least not right away =-)).

   Can't say for ssh, but I ripped the FreeBSD/i386 banners out by editing
   /etc/gettytab and changing the default entry from

         default:\
            :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:

   To

         default:\
            :cb:ce:ck:lc:fd#1000:im=\r\nLinux 0.12 (%h)\r\n\r\n:sp#1200:

   Then deleted /etc/motd and set

       update_motd="NO"

   in /etc/rc.conf

   Now if people want to find out what this machine is, they need to either
   run nmap or successfully log in.

                 ____
   david parsons \bi/ Silence is golden as soon as I shut sendmail up.
                  \/

: Howdy,
:
: I already had asked this question before and somebody gave me an answer,
: but it's been a while and my brain isn't what it used to be, so here is
: the question again:
:
: How do I get rid of the "FreeBSD/i386" banner in both the "telnet" and the
: sshd login screens?  (Purpose is to not let everybody know what OS I am
: running, at least not right away =-)).

        man gettytab

        In particular the "im" option.

        But anyone that really wants to know what OS you're running doesn't
        need the banner to tell them.  Unless you tweek your TCP/IP stack a
        bit (IPFilter works great for this), a simple nmap scan will quickly
        tell anyone that cares what OS, version, and patch level you're
        running.

--

BSD:  A psychoactive drug, popular in the 80s, probably developed at UC
Berkeley or thereabouts.  Similar in many ways to the prescription-only
medication called "System V", but infinitely more useful. (Or, at least,
more fun.)  The full chemical name is "Berkeley Standard Distribution".