Focus on IDS
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Help in writing Network IDS/IPS signature to detect sftp vulnerability
Jun 07 2008 12:21AM
Ravi Chunduru (ravi is chunduru gmail com)
Hi,
Check this disclosure at
http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0101.html
the attack data is encrypted within the encrypted SSH. Without
having to decrypt the SSH, is there any clever way to detect this
(using some kind of anomaly on the packet size, type of character...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Check this disclosure at
http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0101.html
the attack data is encrypted within the encrypted SSH. Without
having to decrypt the SSH, is there any clever way to detect this
(using some kind of anomaly on the packet size, type of character...
[ more ]