[PATCH] random SSH_MSG_IGNORE packets
Damien Miller
djm at mindrot.org
Thu Sep 27 00:45:46 EST 2001
On Wed, 26 Sep 2001, Martin Johansson wrote:
> Hi!
>
> The following patch adds ability to configure the ssh client to
> send SSH[2]_MSG_IGNORE packets of random length at random times
> whithin a user-specified interval. The function is configured by
> setting the config-file options BogusTrafficIntervalMax and
> BogusTrafficIntervalMin, which defines the interval in seconds in
> which the packets are randomly sent. It is disabled by default. It
> suffices to set the Max value to enable the function. The Min then
> defaults to 0. The packet size is not configurable, but hardcoded to
> be random between 1-64 bytes.
>
> The patch does not include any man-page update, but if this is
> something that may go into the main tree, I could put something
> together.
It won't fool traffic analysis very well - most interactive packets
will elicit a reply from the other end as keystrokes are echoed. If
you want to defeat traffic analysis you must also fake this.
-d
--
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org / distributed filesystem'' - Dan Geer
More information about the openssh-unix-dev
mailing list