Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Can I prevent the ssh client from silencing banner in interactive mo

from [Jason Muskat, GCFA, GCUX, de VE3TSJ] Network Security [Permanent Link]
Subject: Re: Can I prevent the ssh client from silencing banner in interactive mode?
Date: Thu, 29 Mar 2007 03:04:04 -0400 
Hello,

SSH does have 'banner'. This is a pre login (pre-authentication banner) message.

Example:
Banner /etc/issue.net

The contents of /etc/issue.net will be sent to the client upon connect and before entering a password.

SSH also has 'PrintMotd'. This is a post login "message of the day" (post-authentication banner) message. The file's location is system dependent and is often located at /etc/motd.

Example:
PrintMotd yes

The contents of MOTD will be sent to the client after successfully logging in before running the users shell.

Also, nothing is stopping an Admin from editing the "/etc/ profile" (or whatnot) file adding in banner as well (echo statements).


One cannot control the client software. Don't try to. Control what you can, the server. Using the three banners as above shows that every effort to display a banner was made.


Regards,

--
Jason Muskat  | GCFA, GCUX - de VE3TSJ
____________________________
TechDude
e. Jason@TechDude.Ca
m. 416 .414 .9934

http://TechDude.Ca/


On 23-Mar-07, at 2:07 PM, Bartick, Brett wrote:

In today's world of legal MumboJumbo and Sarbanes-Oxley, I like to know
if it's possible to always display the banner when one connects in an
interactive mode and prevent the '-q' option or Loglevel quite in the
config file from being enforced? Basically, we'd like to always display
a legal banner when one connects interactively to our systems.

OS: Solaris 2.8
SSH version: OpenSSH_4.5p1, OpenSSL 0.9.7m 23 Feb 2007

Regards,

Brett


PLEASE READ: This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please delete it and all copies from your system, destroy any hard copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Nomura Holding America Inc., Nomura Securities International, Inc, and their respective subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state the views of such entity. Unless otherwise stated, any pricing information in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation.

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: pubkey authentication problem, Darren Tucker
Next by Date:  Re: Can I prevent the ssh client from silencing banner in interactive mode?, Jason Muskat, GCFA, GCUX, de VE3TSJ
Previous by Thread:  Re: Can I prevent the ssh client from silencing banner in interactive mode?, Derek Martin
Next by Thread:  Re: Can I prevent the ssh client from silencing banner in interactive mode?, Jason Muskat, GCFA, GCUX, de VE3TSJ
Indexes:  [Date] [Thread] [Top] [All Lists]