Rogdham

Introducing PASTA, another SSH trafic analyser

I am glad to share with you PASTA, a student project that I co-authored with Haradwaith and M. Blue in Spring 2012.

Stepping stone detection with PASTA

As per its recursive acronym name, PASTA is a forensics tool to extract meaningful informations out of a traffic dump. This includes:

So if you have a traffic capture on a server which was used as a stepping stone, PASTA should identify the two connections used in the chain, and also evaluate the number of stepping stones remaining before getting to the last server of the chain.

The program works thanks to tshark and Python 2.7, and is highly modular: you can easily create your own plugin to extends the feature set.

If you want to give it a try, feel free to download or octogitpus it on GitHub!

This article is released under the CC BY-SA licence.

PASTA is realeased under GNU GPL.

Short URL: http://r.rogdham.net/19.