Re: SSH Analysis : ever tried ?
- From: ChapiChapo <Chapi@xxxxxx>
- Date: Fri, 19 Oct 2007 09:21:08 +0200
In article <slrnfhflvm.vg.elvis-85473@xxxxxxxxxxxxxx>, elvis-85473
@notatla.org.uk says...
On 2007-10-18, ChapiChapo <Chapi@xxxxxx> wrote:
This page demonstrates analysing a captured command line SSH session to
estimate original commands typed. This is not a flaw in SSH - SSH is a
great protocol regardless of these techniques; rather this is a
demonstration on what can possibly be deduced from the analysis of
encrypted traffic.
Did someone ever tried this ?
http://www.brendangregg.com/sshanalysis.html
Work like this has been done by 2 independent teams in 2001.
David Wagner & Dawn Song
Solar Designer & Dug Song
Thanks.
I though that the timing attacks on SSH were only usable on SSH v1.
.
- References:
- SSH Analysis : ever tried ?
- From: ChapiChapo
- SSH Analysis : ever tried ?
- Prev by Date: Re: non-interactive sftp and 'put'
- Next by Date: defeated by optmisation!
- Previous by thread: Re: SSH Analysis : ever tried ?
- Next by thread: defeated by optmisation!
- Index(es):
