Security Basics mailing list archives
Re: inter-site WAN security question
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 6 Jul 2007 21:03:07 +0200
On 2007-07-06 Joseph Brown wrote:
That is incorrect. The header is not encrypted.
Depends. In tunnel mode the tunnel endpoint always encypsulates the original packet (including the header) and adds an IP header with its own address as the source. When using an encrypted tunnel (i.e. ESP) the encapsulated original IP packet including the original header IS encrypted.
A person sniffing would be able to see source and destination addresses.
Of the endpoints.
The only way to prevent this would be to using something like the onion router (http://tor.eff.org/).
Yes. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- inter-site WAN security question nobledark (Jul 04)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 04)
- <Possible follow-ups>
- Re: inter-site WAN security question nobledark (Jul 05)
- RE: inter-site WAN security question David Gillett (Jul 05)
- RE: inter-site WAN security question Dan Denton (Jul 05)
- Re: inter-site WAN security question Dathan Bennett (Jul 05)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 06)
- Re: inter-site WAN security question Joseph Brown (Jul 06)
- Re: inter-site WAN security question Ansgar -59cobalt- Wiechers (Jul 06)