Project

General

Profile

Actions

Feature #4148

open

Research: SSH Support for additional protocol analysis

Added by Jeff Lucovsky about 4 years ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:
Protocol

Description

Chris G:
Is there any additional work we can do in SSH protocol analysis? Corelight's article on SSH Inference was very interesting, though I'm not how well it works in reality. https://corelight.blog/2019/11/19/corelight-ssh-inference-package/

This could extend to other protocols


Related issues 2 (2 open0 closed)

Related to Suricata - Task #4097: Suricon 2020 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #7103: ssh: extra fields and keywordsFeedbackOISF DevActions
Actions

Also available in: Atom PDF