: Loki wrote:
:
: > Also, AH isn't a "packet" it
: > provides authentication mechanisms for IP datagrams and protection
against
: > replay attacks.
So, AH and ESP is a packet, in "IPSec Securing VPNs" from RSA Press, the
author Carlton R. Davis shays:
pg. 199: "In tunnel mode AH is inserted before the original IP header and a
new IP header is inserted in front of the AH."
So, you'll see this "PACKET" like a "AH PACKET", am I wrong? I don't think
so.
See the diagrams:
IPv4 Header before applying AH:
[variable-length] [transport protocol] [transport protocol]
[ option filed ] [ header ][ data ]
IPv4 Header after apllying AH:
[new IP Header] [ authentication ] [original IP header] [TPH] [TPD]
[ option field ] [header, a.k.a AH] [ option field ] [ ]
[ ]
: Then "ESP" isn't really a packet either, since it's just the encrypted
: payload. By the way, you can have a "AH" packet i.e.
Good point of view. ;-)
: Just my $0.02 on this.
Send me the number of yours Bank account. ;-)
Sem mais,
--
# Nelson Brito
# Security Consultant and Penetration Tester
while(<>){split(//, $_); print reverse @_;}
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 11:52:18 PST