sshow (8) - Linux Manuals
NAME
sshow - SSH traffic analysis tool
SYNOPSIS
sshow [-d] [-i interface | -p pcapfile] [expression]DESCRIPTION
sshow analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths.The following advisory describes the attacks implemented by sshow in detail:
OPTIONS
- -d
- Enable verbose debugging output.
- -i interface
- Specify the interface to listen on.
- -p pcapfile
- Process packets from the specified PCAP capture file instead of the network.
- expression
- Specify a tcpdump(8) filter expression to select traffic to sniff.
AUTHORS
Solar Designer <solar [at] openwall.com> Dug Song <dugsong [at] monkey.org>