Ok I'm gona run some FTP and SSH server in my Linux box and I want to hide the server -220 welcome messages from some banned IPs when they are scanning my servers. The non banned users can use the server and see the -220 message if they scan me.

I'm currently running GuildFTPd in w2k and it can hide the -220 welcome message from banned IPs. Here's some picture how the IP mask is working.

http://www.agreathost.net/kmk/ipmask.jpg

So I want to hide also the OpenSSHd -220 welcome message from banned IPs. Can this be done in someway ? Maybe some firewall, batch or plugin in OpenSSHd ?

I'm kind of confused on exactly what you want to do, but you can put the banned ip addresses in /etc/hosts.deny. Then they won't even be able to connect to your FTP/SSH server at all, instead of just not getting a banner. To do that just open the hosts.deny in a text editor (vi or whatever) and put in a line like this:

ftpd: xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy
sshd: xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy

Well if you have some server running could you ban my IP so that I could test that is your method the thing that I'm searching for.

My NAT IP: 193.65.112.51
My LAN IP: 172.25.2.149

ICQ, PM or email me the IP so that I could scan your server for a test...

Errrrr, you want me to give you my ip, so that you can scan my linux box. I think I'll pass. But you can try it locally. Just put in the ip of one of your internal hosts in hosts.deny and then try to connect. You should get a connection refused reply. You'll also get a message in your log file stating that the banned ip tried to access that service. If you want to stealth that port or something, you can use iptables but it is a little more work and can be a pain if you have a bunch of addresses you want to ban. If you are just trying to ban someone then hosts.deny is the way to go.

Ok I have to test that in locally when I have cable connection to my Linux box...