Re: A tool for crafting ESP packets

[Loki <loki () fatelabs com>]

Nelson,
I think you are misunderstanding. AH (Authentication Header), ESP 
(Encapsulating Security Payload), etc. are all headers in an IPSec packet. 
There is no such thing as "sending an AH packet). When I referred to my 
previous past as a tool to craft "ESP packets" I am in other words saying, 
"crafting IPSec packets". As all of these headers make up the IP Security 
protocol suite.

Loki
www.fatelabs.com


On Tuesday 25 September 2001 04:31 pm, Nelson Brito wrote:
> : Loki wrote:
> : > Also, AH isn't a "packet" it
> : > provides authentication mechanisms for IP datagrams and protection
>
> against
>
> : > replay attacks.
>
> So, AH and ESP is a packet, in "IPSec Securing VPNs" from RSA Press, the
> author Carlton R. Davis shays:
> pg. 199: "In tunnel mode AH is inserted before the original IP header and a
> new IP header is inserted in front of the AH."
>
> So, you'll see this "PACKET" like a "AH PACKET", am I wrong? I don't think
> so.
>
> See the diagrams:
> IPv4 Header before applying AH:
> [variable-length] [transport protocol] [transport protocol]
> [  option filed   ] [        header          ][          data           ]
>
> IPv4 Header after apllying AH:
> [new IP Header] [  authentication   ]  [original IP header] [TPH] [TPD]
> [  option field    ] [header, a.k.a AH] [   option field       ] [        ]
> [       ]
>
> : Then "ESP" isn't really a packet either, since it's just the encrypted
> : payload.  By the way, you can have a "AH" packet i.e.
>
> Good point of view. ;-)
>
> : Just my $0.02 on this.
>
> Send me the number of yours Bank account. ;-)
>
> Sem mais,

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/