lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fdb3980a04071614526c9e62bf@mail.gmail.com>
From: mohit.muthanna at gmail.com (Mohit Muthanna)
Subject: SNMP Broadcasts

> No, not at all.  There's a big difference between a *standardized service*
> and it's underlying protocols.  In order to be SSH, it must comply with
> all of the standards for SSH.  Otherwise, you get a M$ Windows product.

I was trying to stay away from this thread, but anyhow:

If you've ever read RFCs before, you would be familiar with terms like
MUST, SHOUD, MAY, MANDATORY etc. There is no document that says that
in order to be "standard" SSH the listen port MUST be 22. Or tcp/22 is
the MANDATORY port for SSH.

The document only says that SSH "normally" uses port 22. 

The IANA has assigned port 22 for ssh, but this doesn't mean that
you're not complying with the SSH standard by listening on an
alternate port.

That's it. For all practical purposes, no matter what port the daemon
listen's on, it _IS_ SSH.

-- 
Mohit Muthanna [mohit (at) muthanna (uhuh) com]
"There are 10 types of people. Those who understand binary, and those
who don't."


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ