From 08e936ba06f336988b41f4cd5a04479655d34ab3 Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Sun, 18 Mar 2001 23:30:56 +0000
Subject: specifically version match on ssh scanners.  do not log scan
 information to the console, because clueless users freak out when people do
 completely legal probes.  instead, generate a detailed log file entry and use
 british humour to relax their sphincters a little bit.

---
 usr.bin/ssh/sshd.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'usr.bin/ssh/sshd.c')

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 26b2d3a330a..0a38665ee13 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.174 2001/03/09 12:30:29 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.175 2001/03/18 23:30:55 deraadt Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -372,6 +372,12 @@ sshd_exchange_identification(int sock_in, int sock_out)
 
 	compat_datafellows(remote_version);
 
+	if (datafellows & SSH_BUG_SCANNER) {
+		log("scanned from %s with %s.  Don't panic.",
+		    get_remote_ipaddr(), client_version_string);
+		fatal_cleanup();
+	}
+
 	mismatch = 0;
 	switch(remote_major) {
 	case 1:
-- 
cgit v1.2.3