Hiding Port Details?
 

When I port scan a server of ours, it returns name,type,version of two ports I really would not like it too (the ftp deamon, and ssh deamon).

Anyway to make a port NOT return anything else besides the TYPE that it is responding? You know, eliminate the display of all the versioning and whatnot... no need to let potential hackers KNOW what version or type of software you are using!

=)

Potential hackers will figure out anyways, did you scan with nmap? I believe if you edit /etc/services file you can fool the scriptkiddies of knowing what services are running on what port.

Heh... script kiddies... yeeeesssshhh...

No, the /etc/services file doesnt contain the Name, Version, Running instance of particular programs on ports... at least nothing in the file looks like what I am getting back from a simple scan of tcp ports. (the udp ports yeild no information other than the port name).

Ah well... shot in the dark. Its probably handled by each program somehow, and those two programs have no settings to "turn it off".

No biggie... I have taken as many steps I humanly know to 'prevent' breaches... but nothing is perfectly secure unless you simply unplug your machine ;)

Usually it's in the daemons source as something like a "define version yadayadayada", btw, it's useless to try to un-banner sshd as it's needed in determining which server the client talks to.

maybe portsentry will help u much :)