Network Security Tools

Compiling and Testing hide_sshd

The hide_sshd.c source code assumes we are trying to hide the presence of sshd running on a host. If you want to hide any other service, change the value of PORT_TO_HIDE. For the purposes of this section, we assume that sshd is running on the host. Make sure by running netstat:

[notroot]$ netstat -na | grep 22
tcp     0     0.0.0.0:22    0.0.0.0:*    LISTEN

Use the following makefile:

obj-m += hide_sshd.o

Compile using the following make command:

[notroot]$ make -C /usr/src/linux-`uname -r` SUBDIRS=$PWD modules

Insert the module:

[root]# insmod ./hide_sshd.ko

Now sshd will not be visible. Try the netstat query again:

[notroot]# netstat -na | grep 22

Unload the module when done:

[root]# rmmod hide_sshd

Get Network Security Tools now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Network Security Tools by Nitesh Dhanjani, Justin Clarke

Compiling and Testing hide_sshd

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly