Re: Request for ssh dumps

[Brandon Enright <bmenrigh () ucsd edu>]

If you give me the command(s) you want me to run against a /16 (or  
three) I'll get them started tonight.  Otherwise I'll work on this  
tomorrow.

Brandon

Sent from my phone.  If you would like a digital signature for this  
email let me know and I will sign it later.


On Jul 9, 2009, at 5:37, ithilgore <ithilgore.ryu.l () gmail com> wrote:

> Hello nmap-dev,
> Since I 've been finishing up the openssh library for Ncrack, I  
> would like to
> check if there is any strange behaviour amongst different SSH  
> implementations
> out there. Specifically, I would really be glad if someone provided  
> me with some
> dumps against some Cisco ssh server or perhaps other exotic  
> implementations. The
> dumps don't need to have any packets after the encryption phase.  
> This means that
> I only want to see the packet exchange up to the part of the diffie- 
> hellman key
> exchange and just before the first encrypted packet leaves on the  
> wire. You can
> also mask any IPs in the dumps, if they belong to internet-routable  
> boxes.
> Ideally the dumps should come from wireshark so that I can check the  
> payloads
> (of course nothing posing any kind of risk can be extracted out of  
> them).
>
> BTW, I have already encountered slightly different behaviour between  
> the OpenSSH
> server and the dropbear SSH server.
>
> Thanks,
> ithilgore
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org