[Bug 94] Userdefineable identification string

bugzilla-daemon at mindrot.org
Tue Feb 5 11:02:43 EST 2002


------- Additional Comments From djm at mindrot.org  2002-02-05 11:02 -------
This patch adds obscurity at best, it doesn't help security at all. In fact, it
encourages people not to upgrade their vulnerable servers. The attackers won't
care about a faked version - they'll just try their exploits regardless (in fact
weird protocol ident strings would make me more interested).

On top of this, it ruins any chance of being able to interop should we find
protocol bugs or if the wire spec changes again. Making the compat stuff runtime
may be a good idea for other reasons, but not to support silly hacks like this.
