Security Basics mailing list archives
Re: inter-site WAN security question
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 5 Jul 2007 22:22:27 +0200
On 2007-07-04 nobledark () hushmail com wrote:
So if I understand you correctly, if someone were sniffing on a router between the two sites and the VPN was in tunnel mode then they would not be able to see the source and destination IP's - is that correct?
Not exactly. They won't be able to see the source and destination IP of hosts behind the VPN endpoints. They will, however, still be able to see the source and destination IPs of the VPN endpoints, so they'll still know that s1 and s2 are communicating with each other, although they might not be able to identify which particular hosts of each site are communicating. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- inter-site WAN security question nobledark (Jul 04)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 04)
- <Possible follow-ups>
- Re: inter-site WAN security question nobledark (Jul 05)
- RE: inter-site WAN security question David Gillett (Jul 05)
- RE: inter-site WAN security question Dan Denton (Jul 05)
- Re: inter-site WAN security question Dathan Bennett (Jul 05)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 06)
- Re: inter-site WAN security question Joseph Brown (Jul 06)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 06)