Security Basics mailing list archives
Re: How to find a strength of the ipsec encryption or sniff the ipsec traffic
From: Shawn Merdinger <shawnmer () gmail com>
Date: Mon, 27 Sep 2010 14:23:59 -0400
"man tcpdump" -E Use spi@ipaddr algo:secret for decrypting IPsec ESP packets that are addressed to addr and contain Security Parameter Index value spi. This combination may be repeated with comma or newline separation. Note that setting the secret for IPv4 ESP packets is supported at this time. Algorithms may be des-cbc, 3des-cbc, blowfish-cbc, rc3-cbc, cast128-cbc, or none. The default is des-cbc. The ability to decrypt packets is only present if tcpdump was compiled with crypâ tography enabled. secret is the ASCII text for ESP secret key. If preceded by 0x, then a hex value will be read. The option assumes RFC2406 ESP, not RFC1827 ESP. The option is only for debugging purposes, and the use of this option with a true `secret' key is discouraged. By presenting IPsec secret key onto command line you make it visible to others, via ps(1) and other occasions. Cheers, --scm On Mon, Sep 27, 2010 at 8:30 AM, Muruganandam <muruganandam.c () gmail com> wrote:
How to find the strength of the ipsec encryption and sniff the ipsec traffic.
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- How to find a strength of the ipsec encryption or sniff the ipsec traffic Muruganandam (Sep 27)
- Re: How to find a strength of the ipsec encryption or sniff the ipsec traffic Shawn Merdinger (Sep 27)