[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sniffing a VPN

To: Joe Nall <joe@nall.com>, openbsd <misc@openbsd.org>
Subject: Re: Sniffing a VPN
From: "Rick Ballard" <RichardBallard@xwavesolutions.com>
Date: Fri, 24 Sep 1999 10:21:32 -0300
Organization: xwave solutions

On 24 Sep 99, at 7:46, Joe Nall wrote:

> I have set up a test VPN and have been trying to verify that packets are
> encrypted.  From a third BSD box on the lan between the two gateways I
> was able to use sniffit and ngrep to see tcp/udp traffic before the VPN,
> now neither tool can see any packets when the two subnets are talking. 
> Any clues on a sniffit configuration or another more appropriate tool to
> see the packets?  I want to verify that the traffic is encrypted.

Don't forget that the IPSEC traffic uses a different set of protocols, 
not TCP or UDP. You will have to tell your sniffer to look at these 
other protocols.

>From /etc/protocols:
esp    50      IPSEC-ESP       # Encap Security Payload
ah      51      IPSEC-AH        # Authentication Header

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rick Ballard		Phone   : 902-481-4548
xwave solutions		Fax     : 902-468-3679
Halifax,Nova Scotia	Email   : RichardBallard@xwavesolutions.com
Canada			Timezone: Atlantic AST(GMT-4)/ADT(GMT-3)

References:
- Sniffing a VPN
  - From: Joe Nall <joe@nall.com>

Prev by Date: Re: Sniffing a VPN
Next by Date: Re: Odd ssh problem
Prev by thread: Re: Sniffing a VPN
Next by thread: Hello, and a few questions about installing and Console on Serial.
Index(es):
- Date
- Thread