On Tue, 08 Oct 2019 11:53:33 -0600, "Keith Medcalf" said: > So while the cost of doing the thing may be near-zero, it is not zero.
And in fact, there's more than just the costs of doing it. There's also the costs of having done it. Obfuscating your OpenSSH versions is a *really* good way to make your security scanners that flag backleveled systems fail to flag the systems. Which can cause a really uncomfortable conversation with the CIO about why the local newspaper's front page is running a story about how your organization got totally pwned via a backleveled OpenSSH on one cluster of 5 servers.....
pgpES4WWnZrxq.pgp
Description: PGP signature
