[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    RE: block sshv1 or sshv2 ?
From:       "Olmsted, Brian" <Brian.Olmsted () allstream ! com>
Date:       2005-08-09 14:55:49
Message-ID: F0A5661C0654E141B2BA417705F2B278210B6981 () TOREX006 ! att-intra ! com
[Download RAW message or body]


As David indicates it is better to filter using ssh itself to not allow
sshv1 connections.

Darren describes limited content filtering to track connections here:
http://marc.theaimsgroup.com/?l=ipfilter&m=109924496029603&w=2


-----Original Message-----
From: owner-ipfilter@coombs.anu.edu.au
[mailto:owner-ipfilter@coombs.anu.edu.au] On Behalf Of David Powers
Sent: Tuesday, August 09, 2005 10:05 AM
To: gros castor
Cc: ipfilter@coombs.anu.edu.au
Subject: Re: block sshv1 or sshv2 ?

I'm not an ipfilter expert, but I can't think of a way you could do it.

Even if you could, I can think of much better tools to do the job.  Not 
the least of which would be to configure the ssh servers to only accept 
v2 connections.  ;)

-David

gros castor wrote:

>A "security expert" claims that it is possible with IPFILTER to choose
>to block sshv1 and not to block sshv2.
>
>I don't agree because IPFILTER does his job on the layer 3 and 4.
>Whereas SSH belongs to application layer.
>
>What do you think about this ?
>
>Thank you
>
>  
>

[prev in list] [next in list] [prev in thread] [next in thread]