Nelson, I think you are misunderstanding. AH (Authentication Header), ESP (Encapsulating Security Payload), etc. are all headers in an IPSec packet. There is no such thing as "sending an AH packet). When I referred to my previous past as a tool to craft "ESP packets" I am in other words saying, "crafting IPSec packets". As all of these headers make up the IP Security protocol suite. Loki www.fatelabs.com On Tuesday 25 September 2001 04:31 pm, Nelson Brito wrote: > : Loki wrote: > : > Also, AH isn't a "packet" it > : > provides authentication mechanisms for IP datagrams and protection > > against > > : > replay attacks. > > So, AH and ESP is a packet, in "IPSec Securing VPNs" from RSA Press, the > author Carlton R. Davis shays: > pg. 199: "In tunnel mode AH is inserted before the original IP header and a > new IP header is inserted in front of the AH." > > So, you'll see this "PACKET" like a "AH PACKET", am I wrong? I don't think > so. > > See the diagrams: > IPv4 Header before applying AH: > [variable-length] [transport protocol] [transport protocol] > [ option filed ] [ header ][ data ] > > IPv4 Header after apllying AH: > [new IP Header] [ authentication ] [original IP header] [TPH] [TPD] > [ option field ] [header, a.k.a AH] [ option field ] [ ] > [ ] > > : Then "ESP" isn't really a packet either, since it's just the encrypted > : payload. By the way, you can have a "AH" packet i.e. > > Good point of view. ;-) > > : Just my $0.02 on this. > > Send me the number of yours Bank account. ;-) > > Sem mais, ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 11:51:19 PST