| Many of the services that are available on a system expose information about the system or the service. These announcements are rarely required by the protocol and do not require revealing the version of the software or the type or version of the operating system on which the service is running. These announcement banners can be removed or minimized to avoid releasing useful information. Announcement banners have also been an issue with prosecution of hackers. Announcements which welcome you to a system can be perceived as granting permission to use the system. Today acceptable use warning banners are needed for legal defense. Reconfiguring the Service Many services are able to configure the information which is presented by the service. Some of these systems can be configured to not report this information or to report information supplied by the administrator. Any services which can be configured to disable its announcement banners should be so configured. Otherwise, it should be configured to expose the least amount of information possible. -
telnet provides terminal level access to a system. It requires user identification and authentication to grant access to the system. However, the default telnet banner reports operating system, hostname, operating system release, and version and the type of system hardware. One can override the default telnetd login banner. On Linux, the -h option is used to disable the host specific information in the banner. On HP-UX, the -b option will disable the information or you can supply a banner file to be displayed instead. For example, to use /etc/issue as the login banner, have inetd start telnetd with the following lines in /etc/inetd.conf . If bannerfile is not specified, telnetd does not print a login banner. telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue The banner file can be used to present an acceptable use or warning banner. -
FTP provides file transfer capabilities to the system. It can be configured to require authentication or to grant anonymous access. The default banner reports the hostname and the version of the software. However, there are options which can be set in /etc/ ftpd /ftpaccess which will suppress the banner output and the output of the stat command. On Linux, the entry is greeting terse On HP-UX, the needed entries are suppresshostname yes suppressversion yes -
Sendmail is the most common SMTP daemon provided with Linux and HP-UX systems. The default greeting message is configured to supply the system hostname, the version of sendmail, the patch level, and the current time. The information about the mail server is contained in the configuration file: /etc/mail/sendmail.cf . It can be removed by changing the following line in the configuration file from SmtpGreetingMessage=$j Sendmail $v/$Z; $b to SmtpGreetingMessage=  |
