Doing something with OS fingerprint?
Stef Bon
stefbon at gmail.com
Thu Mar 4 06:47:24 AEDT 2021
Op ma 22 feb. 2021 om 10:56 schreef Jochen Bern <Jochen.Bern at binect.de>:
>
>
> My - admittedly first ever - thoughts on that:
>
> -- Doesn't OpenSSH already parse the peer's Hello String for that
> purpose?
No as I know it that is only the software and version, not the os,
> -- (The possibility of SSH software other than the OS default being
> installed has already been mentioned)
> -- osf can also differ from defaults (own fingerprint files being
> loaded, --ttl param etc.)
Huh what do you mean Jochen? You know something about this software?
> -- Just because the kernel('s iptables implementation) has that info
> doesn't mean that ssh(d) can easily get it
No, but the creators/maintainers of the osf submodule of iptables had
probably other uses in mind
than only logging... So something like netlink? Not easy indeed.
> -- Not to forget non-Linux systems ...
Yes. It only works with iptables being present as far I can see.
Thanks for your thoughts.
Stef Bon
More information about the openssh-unix-dev
mailing list