similar to: Packets Sizes and Information Leakage

This message is a few years old so I cannot reply to the original, but it is still of current research interest. > So one of my coworkers is doing a little research on SSH usage in the > wild using netflow data. One of the things he's trying to do is > determine a way to differentiate between data transfers and interactive > sessions. We thought of a couple of ways but we wanted

On the request of a coworker looking for more information about our SSH users I developed a patch that provides extended logging capability for SSHD. Its been written with an eye towards machine parsing. This patch will write the following information to the standard system log: remote ip, remote port, & remote user name protocol number and client version information Encryption method, MAC

Ah, with an internal block size [Is that what one calls it?] of 64 bytes. From: Damien Miller <djm at mindrot.org> Sent: Wednesday, March 29, 2023 3:08 PM To: Robinson, Herbie <Herbie.Robinson at stratus.com> Cc: Chris Rapier <rapier at psc.edu>; Christian Weisgerber <naddy at mips.inka.de>; openssh-unix-dev at mindrot.org Subject: RE: [EXTERNAL] Re: ChaCha20 Rekey

On Thu, Aug 3, 2023 at 2:35?PM Chris Rapier <rapier at psc.edu> wrote: > > Howdy all, > > So, one night over beers I was telling a friend how you could use the > timing between key presses on a type writer to extract information. > Basically, you make some assumptions about the person typing (touch > typing at so many words per second and then fuzzing the parameters

Hi All, I am running asterisk 1.2. I have a softphone connecting from a coworkers home through their router using IAX2 through our router at the office. Both have port 4569 for TCP and UDP opened and forwarded to the right pc and server. I'm seeing Raw Hangup <person's IP address>, src=0. dst=10787 messages show up in the log like 10 every 5 seconds. We can still make calls and

On Thu, Feb 8, 2024 at 1:18?PM Chris Rapier <rapier at psc.edu> wrote: > > I know that there are some methods to use federated identities (e.g. > OAuth2) with SSH authentication but, from what I've seen, they largely > seem clunky and require users to interact with web browsers to get one > time tokens. Which is sort of acceptable for occasional logins but > doesn't

http://www.psc.edu/networking/projects/hpn-ssh/ Mike Stevens and I just released a new set of high performance networking patches for OpenSSH 3.9p1, 4.0p1, and 4.1p1. These patches will provide the same set of functionality across all 3 revisions. New functionality includes 1) HPN performance even without both sides of the connection being HPN enabled. As long as the bulk data flow is in the

[NB: General information regarding HPN-SSH can be found at http://www.psc.edu/networking/projects/hpn-ssh ] This is a beta release of HPN12 but I'd like to get some user experiences with it if anyone is so inclined. This version of the HPN patch more closely conforms to the openssh nomenclature and coding style, it eliminates the use of command line switches in favor of -o options, it

Practically speaking, most popular IAM and SSO solutions offer OIDC SAML tokens but do not offer Kerberos tickets.? OpenID Connect is a standard which itself is based on RFC6749 (OAuth2). This provides a compelling reason to support it in addition to Kerberos.? I'll also note that OIDC tokens are easy to validate without a bidirectional trust relationship between the IdP and RP. SSH

That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson, Herbie wrote: > > I?m hardly an expert on this, but if I remember correctly, the rekey rate > for good security is mostly dependent on the cipher block size.? I left my > reference books at home; so, I can?t come up with a reference for you, but I > would take Chris?

https://bugzilla.mindrot.org/show_bug.cgi?id=1959 Bug #: 1959 Summary: Incorrect Sequence Numbers for NetFlow v9 export. Classification: Unclassified Product: softflowd Version: -current Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: softflowd

Using stock OpenSSH 4.7 I found different behavior when trying to specify the use of the 'none' cipher depending on the command line option nomenclature. This is under linux 2.6.19-web100 using -ocipher=none [root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S /home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb rapier at localhost:/dev/null rapier at

I'm hardly an expert on this, but if I remember correctly, the rekey rate for good security is mostly dependent on the cipher block size. I left my reference books at home; so, I can't come up with a reference for you, but I would take Chris' "I'm deeply unsure of what impact that would have on the security of the cipher" comment seriously and switch to a cipher with a

On multiple core systems OpenSSH is limited to using a single core for all operations. On these systems this can result in a transfer being processor bound even though additional CPU resources exist. In order to open up this bottleneck we've developed a multi-threaded version of the AES-CTR cipher. Unlike CBC mode, since there is no dependency between cipher blocks in CTR mode we

This is a preliminary release and as such should be used at your own risk. In my testing the application builds under OS X and Linux, passes the regression tests, and file transfer tests on our test connections exhibited a 1600% increase in performance (1.4MB/s versus 20.9MB/s 46ms RTT). This patch (hpn12v10) is available from

The HPN patch set has been updated to work with OpenSSH4.6. This patch can help improve performance of bulk data transfers when using SSH, SCP, or SFTP. Please see http://www.psc.edu/networking/projects/hpn-ssh for more information. The patch is available from the above address or directly with http://www.psc.edu/networking/projects/hpn-ssh/openssh-4.6p1-hpn12v16.diff.gz If you have any

Pp ------Original Message------ From: nate Sender: centos-bounces at centos.org To: CentOS Mailing list ReplyTo: CentOS Mailing list Sent: Feb 23, 2009 8:13 PM Subject: Re: [CentOS] cisco netflow analyzer? Robinson Tiemuqinke wrote: > Anyone knows any Cisco netflow analyzer that could run on Linux/Windows? I > know that cisco ASDM works at somewhat level but too rough... > > For

Howdy, As a note, we now have HPN patch for OpenSSH 4.2 at http://www.psc.edu/networking/projects/hpn-ssh/ Its still part of the last set of patches (HPN11) so there aren't any additional changes in the code. It patches, configures, compiles, and passes make tests without a problem. I've not done extensive testing for this version of openssh but I don't foresee any problems. I

Hi all, I need to setup a netflow reporting tool under CentOS server to collect traffic data from several firewalls. What netflow tool do you recommends me? Of course, Open source. Many thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20061114/b862b4c1/attachment-0002.html>

Several coworkers and I have scattered amongst us all sorts of resources related to the mesh stuff we do (RADIUS, networking, RF, antennas, microwave, R&S, Linux, etc), and most of these resources are in the form of PDF or Word docs. Is there a PHP framework that I can easily "yum install" on a CentOS box that would allow us to login and easily share these resources with each