Dear all,
At the beginning after the moment that eve-ng was just installed, I tried to set the sshd port other than 22 and deny the remote login of root. The root password is also changed to some symbols like "!" or "%". But I failed to open the wireshark to capture packets from the pipe from plink, even I changed the wireshark_wrapper.bat with new username and password and added "-P port_number" to plink.
Of cause, if I change the user in wireshark_wrapper.bat to root, sshd port to 22 and root password to lowercase, uppercase characters and numbers, I will successfully make wireshark capture the packets.
Of cause, I already configured the firewall of eve-ng.
Thanks at first.
How to make eve-ng more secure on ssh?
Moderator: mike
-
- Posts: 5084
- Joined: Wed Mar 15, 2017 4:44 pm
- Location: London
- Contact:
Re: How to make eve-ng more secure on ssh?
from old unl days I have one dock, when we secured wireshark sessions with keys
and not a password.
But dont ask more about it.
We do not support it anymore.
Uldis
and not a password.
But dont ask more about it.
We do not support it anymore.
Uldis
You do not have the required permissions to view the files attached to this post.
-
- Posts: 8
- Joined: Sun May 27, 2018 1:03 am
Re: How to make eve-ng more secure on ssh?
Thanks, UD.
It is a good idea to setup a sudoer for wireshark to run tcpdump only.
It is a good idea to setup a sudoer for wireshark to run tcpdump only.