login banner change for Solaris 2.7?

login banner change for Solaris 2.7?

Post by a » Thu, 24 Jun 1999 04:00:00



Hi all,

I'd like to make it *less* easy for the hacker wanna-be's
to know what OS I am running and would to get rid of
the banner that says

    SunOS 5.7

    login:

Is there a way to disable this default SunOS 5.7 part so you
just get a "login" prompt?

Thanks,
Mike

 
 
 

login banner change for Solaris 2.7?

Post by Alan J Rosenth » Fri, 25 Jun 1999 04:00:00



>I'd like to make it *less* easy for the hacker wanna-be's
>to know what OS I am running and would to get rid of
>the banner that says

>    SunOS 5.7

>    login:

I'm adding the following to my "vfaq" file:

Subject: How do I prevent my machine from announcing OS version, daemon
        version, etc in the banner message?

In unix, find the daemon in question, possibly by finding its line
in /etc/inetd.conf, and read its man page.  For complex config files
(e.g. sendmail), search in the config file for the constant portions of
the string it's outputting (e.g. in sendmail.cf find the string "Sendmail"
with a capital 'S').  For telnetd, some systems have "-h" to suppress the
greeting and other systems output the contents of a file called something
like /etc/issue.  (Note that in redhat linux, you really want to modify
/etc/rc.d/rc.local rather than (or in addition to) /etc/issue*, because
it regenerates /etc/issue* upon boot.)

[paragraph repeated from the article I just wrote re sendmail banner:]
But this might not really be a security issue and it might not be worth
your effort.  Suppressing banners probably doesn't restrict any information
which is genuinely useful to an attacker.  If an attacker has some "exploit"
program for sendmail 1.2.3 only, then rather than checking the banner
to see if your machine is in fact running sendmail 1.2.3, they might as
well just run the exploit program, which is a direct check of whether
you're vulnerable.  Whereas the banner suppression *will* interfere with
some kinds of checking of sendmail versions which you yourself may want
to do occasionally.

 
 
 

login banner change for Solaris 2.7?

Post by Casper H.S. Dik - Network Security Engine » Sat, 26 Jun 1999 04:00:00


[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]


Quote:>In unix, find the daemon in question, possibly by finding its line
>in /etc/inetd.conf, and read its man page.  For complex config files
>(e.g. sendmail), search in the config file for the constant portions of
>the string it's outputting (e.g. in sendmail.cf find the string "Sendmail"
>with a capital 'S').  For telnetd, some systems have "-h" to suppress the
>greeting and other systems output the contents of a file called something
>like /etc/issue.  (Note that in redhat linux, you really want to modify
>/etc/rc.d/rc.local rather than (or in addition to) /etc/issue*, because
>it regenerates /etc/issue* upon boot.)

And in Solaris 7, the in.telnetd manual page says:

     The banner  printed  by  in.telnetd   is  configurable.  The
     default  is  (more  or less) equivalent to "`uname -sr`" and
     will be used if no banner is set  in   /etc/default/telnetd.
     To set the banner, add a line of the form

(Rest deleted to keep the suspense)

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

 
 
 

login banner change for Solaris 2.7?

Post by Rowa » Sat, 26 Jun 1999 04:00:00


hi,
in sco, edit /etc/issue or /etc/default/issue. sun? not sure.
rowan

> Hi all,

> I'd like to make it *less* easy for the hacker wanna-be's
> to know what OS I am running and would to get rid of
> the banner that says

>     SunOS 5.7

>     login:

> Is there a way to disable this default SunOS 5.7 part so you
> just get a "login" prompt?

> Thanks,
> Mike

 
 
 

login banner change for Solaris 2.7?

Post by Alan J Rosenth » Sat, 26 Jun 1999 04:00:00



Quote:>And in Solaris 7, the in.telnetd manual page says:
>     The banner  printed  by  in.telnetd   is  configurable.

...

Thanks for the pointer.  I've added:

        For Solaris 2.6 and greater, put "BANNER=" (without the quotes)
        in /etc/default/telnetd.  The telnetd included with Solaris <2.6
        and SunOS can't suppress the banner, but there's no need to use
        that particular software; you could use GNU telnetd, for example;
        or you might edit the binary, as the strings appear in it.

(let me know if I've got anything wrong in there -- it's definitely not in
solaris 2.5, but my version list might still be wrong)

 
 
 

login banner change for Solaris 2.7?

Post by Suchandra Tha » Mon, 28 Jun 1999 04:00:00



>Hi all,

>I'd like to make it *less* easy for the hacker wanna-be's
>to know what OS I am running and would to get rid of
>the banner that says

        If the person examining your machine is using something
like nmap to scan it then supressing the banner won't help
since nmap determines the os by its response to certain TCP packets.

--
------------------------------------------------------------------

Suchandra S. Thapa

------------------------------------------------------------------

 
 
 

1. Changing login graphic (was Re: Changing the login banner on Solaris 2.5

On a related note...Is there a site that has other login graphics?  By  
this I mean the dialog box that asks for username, then says welcome user  
and asks for password.  I have a NeXT at home and many other login windows  
were created that could be put in place of the standard login window, Star  
Trek, un*x daemon, Calvin & Hobbes, etc.

I'd like to be able to do this with CDE 1.02 and Solaris 2.5.1.  We are a  
Statistics dept. so something related to that would be a bonus, but it  
doesn't have to be.

Chuck Kincaid

Please remove NO_SPAM to reply.

2. "Delayed eth0 Initialization" during bootup is harddisk corruption

3. Can you change a HOSTID on Solaris 2.7 & Solaris 8???

4. Why would "telnet localhost" disallow connection?

5. Changing the login banner on Solaris 2.5

6. Need help setting up my modem.

7. CDE, solaris 2.7, tcsh; hangs at login

8. Help needed - coordinating different forms in a printer

9. Solaris 7 (2.7) Login Problem - Casper Dik, you out there?

10. KDE 1.1.2 on Solaris 2.7 login processing

11. Help: How do you change the IP address or a server running Solaris 2.7?

12. NFS changes in Solaris 2.7?

13. Changing the login banner + prompt in telnet.