[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 380
  • Last Modified:

Solutionary was able to poll configuration information from the Secure Shell (SSH) daemon. The information gathered remotely from an SSH daemon may include:

Solutionary was able to poll configuration information from the Secure Shell (SSH) daemon. The information gathered remotely from an SSH daemon may include:
* SSH Version
* Host key size
* Public key size
* Authentication methods in use
* Number of authorized_keys in RSA authentication
* Encryption methods in use
* Password lengths or ranges of lengths
* Lengths of shell commands
0
Brijeshk9
Asked:
Brijeshk9
  • 2
  • 2
2 Solutions
 
gheistCommented:
SSH protocol publishes first four and 6th by protocol design. You cannot avoid them. It is just for scaring you.
Rest needs authenticated session.
0
 
Brijeshk9Author Commented:
so is there any action required to remove this  kind of Website Vulnerabilities..?
0
 
gheistCommented:
This is not related to any sort of "website"
"may include" is not a strict expression. No action should be taken.
Event ehough if you never patched your SSH server, then you should find a way to get patches from your vendor - some real attacks are possible against 5yo SSH server.
0
 
Brijeshk9Author Commented:
Thanks
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now