Passive analysis of SSH traffic


Author: JT Smith has an article addressing security weaknesses in SSH protocols. “SSH is still the best available security for remote connections. Exploitation of this
vulnerability requires the ability to monitor the traffic between an SSH server and client. Even when an attacker is able to sniff traffic, it is
no guarantee that they’ll actually be able to crack any of the encrypted data.

If you’d like to test your SSH implementation yourself, Openwall has made available the source to a program called SSHOW. The program will
also be rolled into the dsniff package.”


  • Linux