Security Basics: Re: inter-site WAN security question

Re: inter-site WAN security question

From: Ansgar -59cobalt- Wiechers <bugtraq_at_planetcobalt.net>
Date: Fri, 6 Jul 2007 21:03:07 +0200

On 2007-07-06 Joseph Brown wrote:
> That is incorrect. The header is not encrypted.

Depends. In tunnel mode the tunnel endpoint always encapsulates the
original packet (including the header) and adds an IP header with its
own address as the source. When using an encrypted tunnel (i.e. ESP) the
encapsulated original IP packet including the original header IS
encrypted.

> A person sniffing would be able to see source and destination
> addresses.

Of the endpoints.

> The only way to prevent this would be to use something like the
> onion router (http://tor.eff.org/).

Yes.

Regards
Ansgar Wiechers

-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
Received on Jul 06 2007
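
Added example, not part of the original post: a Python sketch of the tunnel-mode ESP encapsulation described above, showing that a sniffer between the tunnel endpoints reads only the endpoint addresses, the SPI and the sequence number. The addresses, SPI, key and the SHA-256 keystream standing in for a real ESP cipher are constructed for illustration, and the ICV is omitted.

```python
import hashlib, socket, struct

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def keystream_xor(key, iv, data):
    """Stand-in cipher: SHA-256 counter keystream. NOT a real ESP transform."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + iv + struct.pack("!I", off // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

def esp_tunnel_encapsulate(inner_packet, gw_src, gw_dst, spi, seq, key, iv):
    """Tunnel mode: the whole inner packet (header included) goes inside ESP."""
    pad_len = -(len(inner_packet) + 2) % 4          # align trailer to 4 bytes
    # ESP trailer: padding 1,2,3..., pad length, next header 4 (inner IPv4)
    plaintext = inner_packet + bytes(range(1, pad_len + 1)) + bytes([pad_len, 4])
    esp = struct.pack("!II", spi, seq) + iv + keystream_xor(key, iv, plaintext)
    return ipv4_header(gw_src, gw_dst, 50, len(esp)) + esp  # proto 50 = ESP

def observer_view(wire):
    """What a sniffer between the gateways can read without the key."""
    ihl = (wire[0] & 0x0F) * 4
    proto = wire[9]
    view = {"src": socket.inet_ntoa(wire[12:16]),
            "dst": socket.inet_ntoa(wire[16:20]), "proto": proto}
    if proto == 50:
        view["spi"], view["seq"] = struct.unpack("!II", wire[ihl:ihl + 8])
        view["iv_and_ciphertext_len"] = len(wire) - ihl - 8
    return view

# Constructed sample: host 10.1.0.5 talks to 10.2.0.9 through two gateways.
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 6, 8) + b"TCPDATA!"
WIRE = esp_tunnel_encapsulate(INNER, "192.0.2.1", "198.51.100.1",
                              spi=0x1001, seq=1, key=b"k" * 16, iv=b"\x00" * 8)

def inner_addresses_visible(wire):
    """True if either inner host address appears in cleartext on the wire."""
    return any(socket.inet_aton(a) in wire for a in ("10.1.0.5", "10.2.0.9"))

if __name__ == "__main__":
    print(observer_view(WIRE))
    print("inner addresses visible:", inner_addresses_visible(WIRE))
```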