Honeypots mailing list archives
Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691
From: Siim Põder <siim.poder_1398 () eesti ee>
Date: Tue, 11 Jul 2006 20:26:37 +0300
Hi. On 06.07.2006 10:49, George wrote:
How you will intercept the crypted traffic from ssh? Is sebek so powerful to decrypt ssh? There is a honeypot that act as a ssh server but also write somewhere decrypted? You will make a forensics analyse?
I've been pondering on a tool that would decrypt ssh for some time now (ethereal plugin maybe?), but since there hasn't been a real need, it's not a priority. Of course, it would need the private keys to work (which is not a problem for a honeypot).
Anyone knows of such a tool in existance already? -- Siim Põder"What the hell", he thought, "you're only young once", and threw himself out of the window. That would at least keep the element of surprise on his side.
-- Douglas Adams
Current thread:
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 George (Jul 06)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 Yannis Corovesis (Jul 06)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 Siim Põder (Jul 12)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 ader (Jul 12)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 Mark J. Hufe (Jul 12)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 ader (Jul 12)
- Re: honeypots Digest 5 Jul 2006 18:33:45 -0000 Issue 691 ader (Jul 12)