Research: SSH Support for additional protocol analysis
Is there any additional work we can do in SSH protocol analysis? Corelight's article on SSH Inference was very interesting, though I'm not how well it works in reality. https://corelight.blog/2019/11/19/corelight-ssh-inference-package/
This could extend to other protocols
Updated by Victor Julien about 2 years ago
- Subject changed from Research: Support for additional protocol analysis to Research: SSH Support for additional protocol analysis
- Assignee set to Community Ticket
- Target version set to TBD
I think we first need a description of what is missing and could be added to our SSH parser and/or detection.