diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-03-18 23:30:56 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-03-18 23:30:56 +0000 |
| commit | 08e936ba06f336988b41f4cd5a04479655d34ab3 (patch) | |
| tree | dcc675d21ffedaa9844f5de16d0ec7e1e5ec18ef /usr.bin/ssh/sshd.c | |
| parent | 9136b3024c220bb437eb2b36de6f1f97d0e556fc (diff) | |
specifically version match on ssh scanners. do not log scan information
to the console, because clueless users freak out when people do completely
legal probes. instead, generate a detailed log file entry and use british
humour to relax their sphincters a little bit.
Diffstat (limited to 'usr.bin/ssh/sshd.c')
| -rw-r--r-- | usr.bin/ssh/sshd.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 26b2d3a330a..0a38665ee13 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.174 2001/03/09 12:30:29 deraadt Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.175 2001/03/18 23:30:55 deraadt Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> @@ -372,6 +372,12 @@ sshd_exchange_identification(int sock_in, int sock_out) compat_datafellows(remote_version); + if (datafellows & SSH_BUG_SCANNER) { + log("scanned from %s with %s. Don't panic.", + get_remote_ipaddr(), client_version_string); + fatal_cleanup(); + } + mismatch = 0; switch(remote_major) { case 1: |