Solved

Solutionary was able to poll configuration information from the Secure Shell (SSH) daemon. The information gathered remotely from an SSH daemon may include:

Posted on 2009-03-30
4
352 Views
Last Modified: 2012-08-13
Solutionary was able to poll configuration information from the Secure Shell (SSH) daemon. The information gathered remotely from an SSH daemon may include:
* SSH Version
* Host key size
* Public key size
* Authentication methods in use
* Number of authorized_keys in RSA authentication
* Encryption methods in use
* Password lengths or ranges of lengths
* Lengths of shell commands
0
Comment
Question by:Brijeshk9
  • 2
  • 2
4 Comments
 
LVL 62

Assisted Solution

by:gheist
gheist earned 500 total points
ID: 24027047
SSH protocol publishes first four and 6th by protocol design. You cannot avoid them. It is just for scaring you.
Rest needs authenticated session.
0
 

Author Comment

by:Brijeshk9
ID: 24029590
so is there any action required to remove this  kind of Website Vulnerabilities..?
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 24031956
This is not related to any sort of "website"
"may include" is not a strict expression. No action should be taken.
Event ehough if you never patched your SSH server, then you should find a way to get patches from your vendor - some real attacks are possible against 5yo SSH server.
0
 

Author Closing Comment

by:Brijeshk9
ID: 31564649
Thanks
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What are recommended OS for exim mail server? 10 111
sftp & TLS 1.1 or higher 1 67
Image not there 4 53
000webhost.com default error log 1 28
Secure Shell (SSH) is a network protocol for secure data communication, mainly used to administer remote Unix / Linux servers via command line. But it also allows the user to open a secure tunnel between a client and a server where he can send any k…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question