[Snort-users] dump of IPSEC and PPTP
mkettler at ...4108...
Wed May 14 15:50:05 EDT 2003
I don't have packet dumps, but I can point you to some tech specs that
specify the formats
In the case of IPsec specs are probably better anyway, there's a lot of
different possible packet configurations for "Ipsec".
For example is it ESP only, or is it ESP and AH. Is there authentication in
the ESP layer as well as encryption? Are you interested in ISAKMP formats
for key exchanges well as data packet formats?
IPSEC: (general charter with links to protocol RFCs)
ESP (the general encryption/authentication layer for ipsec)
AH (an authentication only layer for ipsec)
ISAKMP (a udp based key exchange protocol for ipsec)
At 03:16 PM 5/14/2003 -0600, dreamwvr at ...5274... wrote:
> Anyone happen to have full sample packets of IPSEC and PPTPw/GRE and
> MPPE ?
>I do not have access to a windows vpn just now for the PPTPvpn or currently a
>IPSEC FreeSWAN vpn. Would appreciate a dump to ascii files so I can analyse
>all the differences. This is OT so sorry if it does not meet
>criteria. Please send off list if possible.
>dreamwvr at ...5274...
More information about the Snort-users