Full Disclosure mailing list archives

Re: IPsecurity theater


From: Joachim Schipper <j.schipper () math uu nl>
Date: Sat, 26 Nov 2005 00:29:25 +0100

On Fri, Nov 25, 2005 at 12:55:39PM -0800, coderman wrote:
> Check Point, Cisco, Juniper, * now know that one open port is too
> many.  ISAKMP is a 0day slut.
>
> details on fully out of band key management desired; a virtual private
> network SHOULD not process / accept any packet that is not authentic
> and private.
>
> in ipsec esp/transport//require ah/transport//require;
>
> ---
>
> why do all key daemons suck?

While I'm not too sure what you mean, doesn't manual keying solve this
problem?

                Joachim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

