• 6 Posts
  • 24 Comments
Joined 9 months ago
cake
Cake day: March 1st, 2024

help-circle


  • Im a little knowledgeable with this stuff but i do not know how to see the “handshake” itself, but maybe this is synonymous with what i am doing:

    Right click any of the packets (TCP or SSH) > Follow > TCP stream

    From there i can see some info about the ssh protocol and connection, as well as the 2 devices communicating (Operating systems used) followed by random gibberish which is the encrypted data.

    When I analyze the TCP packet “frames”, they contain data including the motherboard manufacturer, but packets themselves look like its just gibberish.

    Thanks by the way for trying to help me :)














  • This is the first that I have heard about setting the SSH port to only accept connections from the VPN, is there a term or something I can search about this online? Or is this basically just allowing port 22 open on a device and not forwarding the port on the router as when a different device tunnels into the same network through the VPN it can already talk to the first device?


  • But wouldn’t the port being open alert anyone who looks for that? Network security is not my specialty but I believe I have read that people can ping/scan ip addresses easily and quickly to determine if any ports are open / forwarded, so if Wireguard was used or any VPN software, they could pick up on that as an attack vector?