Add detection rule engine, e.g. for weak SSH algorithms
PeterMosmans opened this issue · comments
Peter Mosmans commented
Check for kex_algorithms
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group-exchange-sha1
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
Check for server_host_key_algorithms
ssh-dss
ecdsa-sha2-nistp256
Check for encryption_algorithms
3des-cbc
arcfour
arcfour128
arcfour256
blowfish-cbc
cast128-cbc
Check for mac_algorithms
hmac-md5-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-md5
hmac-sha1
hmac-sha1-96
hmac-md5-96
umac-64@openssh.com
Peter Mosmans commented
Added in version 0.42