On Mon, Jun 29, 2015 at 2:02 AM, Jim Klimov <jimkli...@cos.ru> wrote:
> Got no qualms about ssh (or openvpn) on port 443 - indeed, if one sets up
> something non-standard, gotta be ready for the consequences. And to all
> ids'es and sniffers, cryptotraffic looks much the same (different dynamic
> flow patterns may be discerned by the smarter filters out there though).
>

I think you underestimate sniffers and IDS's. While it's true that individual TCP packets in an encrypted stream may look the same, TLS and SSH have very different initial negotiation routines. I've never encountered a sniffer that did protocol identification and didn't know the difference.

Now, distinguishing between two protocols that *both* use TLS would be more difficult.

--
D. Brodbeck
System Administrator, Linguistics
University of Washington
GPG key fingerprint: 0DB7 4B50 8910 DBC5 B510 79C4 3970 2BC3 2078 D875
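Added example, not part of the original message: a minimal Python sketch of the kind of protocol identification the reply describes, classifying a stream by the first bytes one side sends rather than by port number. The function names and sample byte strings are constructed for illustration; any TLS-based protocol is reported simply as "tls".

```python
"""Tell SSH from TLS by the opening bytes of a TCP stream (added example)."""

SSH_PREFIX = b"SSH-"        # RFC 4253 identification line, e.g. "SSH-2.0-..."
TLS_HANDSHAKE = 0x16        # TLS record content type: handshake
TLS_HELLO_TYPES = (0x01, 0x02)  # ClientHello, ServerHello


def classify_first_bytes(data: bytes) -> str:
    """Return 'ssh', 'tls' or 'unknown' for the first bytes one side sent."""
    # SSH: each side opens with a plaintext version line "SSH-<proto>-<software>".
    if data.startswith(SSH_PREFIX):
        line = data.split(b"\n", 1)[0].rstrip(b"\r")
        parts = line.split(b"-", 2)
        if len(parts) == 3 and parts[1] in (b"2.0", b"1.99") and parts[2]:
            return "ssh"
        return "unknown"
    # TLS: 5-byte record header (type, version, length), then a handshake type.
    if len(data) >= 6 and data[0] == TLS_HANDSHAKE and data[1] == 0x03:
        minor = data[2]
        length = int.from_bytes(data[3:5], "big")
        if minor <= 0x04 and 0 < length <= 2**14 and data[5] in TLS_HELLO_TYPES:
            return "tls"
    return "unknown"


def classify_flows(flows: dict) -> dict:
    """Map each flow label to the protocol inferred from its first payload."""
    return {label: classify_first_bytes(first) for label, first in flows.items()}


# Constructed first payloads, all assumed to be seen on TCP port 443.
SAMPLE_FLOWS = {
    "flow-a": b"SSH-2.0-OpenSSH_6.6\r\n",
    "flow-b": bytes.fromhex("16030100c8010000c40303") + b"\x00" * 8,
    "flow-c": b"\x8f\x12\x00\x41\x99\x03\x77\x20",  # no recognisable preamble
}

if __name__ == "__main__":
    for label, proto in classify_flows(SAMPLE_FLOWS).items():
        print(label, proto)
```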