If you are looking for an extremely basic test, you could watch your
packets with tcpdump and see how randomized the data is that leaves or
enters your interface (as unencrypted traffic tends to have patterns
associated with it. IE: a telnet sessions data has a characteristic
pattern you can see by viewing the packet.).
You could also intercept packets with a known statement in them and see if
you could read the statement using a sniffer. If you can, the info is not
encrypted.
Just some basic ideas. Please let me know if this helps.
Cliff
On Thu, 2 Mar 2000, Umesh Mallugari wrote:
> Hi folks,
>
> Could you tell me how to test the
> security robustness of a SSH server?
> Are there any tools available out there?
>
> Thank you.
>
> -Umesh.
>
