Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: inter-site WAN security question
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 6 Jul 2007 21:03:07 +0200
On 2007-07-06 Joseph Brown wrote:

That is incorrect.  The header is not encrypted.


Depends. In tunnel mode the tunnel endpoint always encypsulates the
original packet (including the header) and adds an IP header with its
own address as the source. When using an encrypted tunnel (i.e. ESP) the
encapsulated original IP packet including the original header IS
encrypted.


A person sniffing would be able to see source and destination
addresses.


Of the endpoints.


The only way to prevent this would be to using something like the
onion router (http://tor.eff.org/).


Yes.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]