Firewall Wizards mailing list archives
RE: Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN
From: "Carl Friedberg" <friedberg () exs esb com>
Date: Mon, 7 Jan 2002 00:27:17 -0500
Christopher, Thank you for your explanation and detective work. Have you tried to correlate this with the SR-1 client log, which is: c:\fwenc.log Just curious... Carl Friedberg carl () comets com -----Original Message----- From: Christopher Lee [mailto:complexity () bigfoot com] Sent: Saturday, January 05, 2002 10:39 PM To: firewall-wizards () nfr com Subject: [fw-wiz] Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN To the member of the Firewall-Wizards list, Throughout this Christmas/New Year holidays, I finished reading a few InfoSec related books and I find myself ending up with more questions than answers. I mean, how does the two phase IPSec key exchange really works (packet by packet, that is)... I mean, how does IPSec guard against replaying attack, or more fundamentally, how do I know if my login credentials are safe when the firewall is doing an Aggressive Mode key exchange (no encryption takes place during an aggressive mode key exchange)?? So I then do my own research, base only on documents on the IETF websites (a reliable source, I supposed) and the result of my own sniffer trace of a IPSec remote access VPN session, and come up with this little white paper on what goes on behind the scene during a IPSec VPN setup. I figure, the best way to make sure I understands a technologies correctly is to post my finding on the web and invite others to critique and comment upon. While the example in this white paper is that of a CheckPoint VPN, but its principle should conver IPSec VPN in general. Please take a look at this paper when you get a chance and do drop me a line (and tell me how wrong I am about the subject). :-) This white paper is posted on http://complexity.webhop.net/closer_look_at_IPSec.html Regards, Christopher Lee PGP Fingerprint: 15C1 65D0 E051 C64D 5246 89FC 5AE3 DE2C 8F1E 89A7 Personal Web Page: http://complexity.webhop.net ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN Christopher Lee (Jan 06)
- <Possible follow-ups>
- RE: Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN Carl Friedberg (Jan 07)
- Re: Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN Brian Ford (Jan 07)