tcpdump mailing list archives
Re: IPSEC
From: Michael Mueller <m.mueller99 () kay-mueller de>
Date: Wed, 29 Sep 2004 09:15:56 +0200
You can use tcpdump -E to decrypt ESP headers. (The tcpdump man page is also kind of cryptic at this point though. Contact me if you have trouble.) For *-cbc (3des-cbc for example) encryption algorithms you will need the patch I just sent to this list. See "tcpdump -E doesn't work for 3des-cbc/hmac-md5".
I haven't tried AH headers. Maybe someone else can tell if they are parsed properly.
Michael Narayanan S RAMABHADRAN wrote:
Hi Is there a version of tcpdump that can parse IPsec headers ? Thanks, Sriram Narayanan Sriram Ramabhadran Graduate student Dept. of Computer Science & Engg. University of California San Diego - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- IPSEC Narayanan S RAMABHADRAN (Sep 28)
- Re: IPSEC Michael Mueller (Sep 29)