Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 03:28:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Refactored the SSH analyzer. Added supported for algorithm detection and more key exchange message types.

Browse source
This commit is contained in:
Vlad Grigorescu 2015-01-13 12:02:31 -05:00
parent 245bd07af7
commit 05ecac2497
11 changed files with 745 additions and 328 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/analyzer/protocol/ssh/SSH.h
View file

@ -31,22 +31,16 @@ protected:
binpac::SSH::SSH_Conn* interp;
void ProcessEncrypted(int len, bool orig);
int AuthResult(int len, bool orig, int version);
bool had_gap;
// Packet analysis stuff
bool auth_decision_made;
bool skipped_banner;
int initial_client_packet_size;
int initial_server_packet_size;
int num_encrypted_packets_seen;
int service_accept_size;
int userauth_failure_size;
bool packet_n_1_is_orig;
int packet_n_1_size;
bool packet_n_2_is_orig;
int packet_n_2_size;
};
} } // namespace analyzer::*