LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-18-2003, 07:13 PM   #1
ximar
LQ Newbie
 
Registered: Apr 2003
Distribution: Mandrake 9.1
Posts: 3

Rep: Reputation: 0
How to hide server -220 messages


Ok I'm gona run some FTP and SSH server in my Linux box and I want to hide the server -220 welcome messages from some banned IPs when they are scanning my servers. The non banned users can use the server and see the -220 message if they scan me.

I'm currently running GuildFTPd in w2k and it can hide the -220 welcome message from banned IPs. Here's some picture how the IP mask is working.

http://www.agreathost.net/kmk/ipmask.jpg

So I want to hide also the OpenSSHd -220 welcome message from banned IPs. Can this be done in someway ? Maybe some firewall, batch or plugin in OpenSSHd ?

Last edited by ximar; 04-19-2003 at 05:58 AM.
 
Old 04-18-2003, 11:45 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
I'm kind of confused on exactly what you want to do, but you can put the banned ip addresses in /etc/hosts.deny. Then they won't even be able to connect to your FTP/SSH server at all, instead of just not getting a banner. To do that just open the hosts.deny in a text editor (vi or whatever) and put in a line like this:

ftpd: xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy
sshd: xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy

Last edited by Capt_Caveman; 04-18-2003 at 11:47 PM.
 
Old 04-19-2003, 06:04 AM   #3
ximar
LQ Newbie
 
Registered: Apr 2003
Distribution: Mandrake 9.1
Posts: 3

Original Poster
Rep: Reputation: 0
Well if you have some server running could you ban my IP so that I could test that is your method the thing that I'm searching for.

My NAT IP: 193.65.112.51
My LAN IP: 172.25.2.149

ICQ, PM or email me the IP so that I could scan your server for a test...
 
Old 04-19-2003, 11:00 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Errrrr, you want me to give you my ip, so that you can scan my linux box. I think I'll pass. But you can try it locally. Just put in the ip of one of your internal hosts in hosts.deny and then try to connect. You should get a connection refused reply. You'll also get a message in your log file stating that the banned ip tried to access that service. If you want to stealth that port or something, you can use iptables but it is a little more work and can be a pain if you have a bunch of addresses you want to ban. If you are just trying to ban someone then hosts.deny is the way to go.
 
Old 04-19-2003, 11:41 AM   #5
ximar
LQ Newbie
 
Registered: Apr 2003
Distribution: Mandrake 9.1
Posts: 3

Original Poster
Rep: Reputation: 0
Ok I have to test that in locally when I have cable connection to my Linux box...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot Open Mail Server Ports 25, 110, and 220. Other Ports will open. Binxter Linux - Newbie 9 11-29-2007 02:03 AM
Bash scripting (hide sterr messages) Quantum0726 Programming 2 06-07-2005 08:05 PM
Apache2 + Debian: how to hide information about server? Warp22 Linux - Software 5 04-11-2005 12:27 AM
How To Hide Kernel Messages With Graphics dragoncity99 Slackware 3 03-18-2005 08:11 PM
Matrox Mystique 220 jfcayron Linux - Hardware 4 03-17-2004 09:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration