|
Firewall Wizards
mailing list archives
RE: Whitepaper: a closer look on what goes on behind the scene during the setup of a IPSec remote access VPN
From: Christopher Lee <complexity () bigfoot com>
Date: Mon, 7 Jan 2002 09:49:59 -0500
Carl,
That's a very good question. No, I have not attempted to correlate this with
the fwenc.log file. This white paper was with as little vendor focus as I
could, however it might be interesting to look at that... Perhaps that would
be an interesting update to the existing white paper (i.e. vendor specific
discussions).
Thanks.
Christopher Lee
PGP Fingerprint: 15C1 65D0 E051 C64D 5246 89FC 5AE3 DE2C 8F1E 89A7
Personal Web Page: http://complexity.webhop.net
Quoting Carl Friedberg <friedberg () exs esb com>:
Christopher,
Thank you for your explanation and detective work. Have you tried to
correlate this with the SR-1 client log, which is:
c:\fwenc.log
Just curious...
Carl Friedberg
carl () comets com
-----Original Message-----
From: Christopher Lee [mailto:complexity () bigfoot com]
Sent: Saturday, January 05, 2002 10:39 PM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Whitepaper: a closer look on what goes on behind the
scene during the setup of a IPSec remote access VPN
To the member of the Firewall-Wizards list,
Throughout this Christmas/New Year holidays, I finished reading a few
InfoSec
related books and I find myself ending up with more questions than
answers. I
mean, how does the two phase IPSec key exchange really works (packet by
packet,
that is)... I mean, how does IPSec guard against replaying attack, or
more
fundamentally, how do I know if my login credentials are safe when the
firewall
is doing an Aggressive Mode key exchange (no encryption takes place
during an
aggressive mode key exchange)??
So I then do my own research, base only on documents on the IETF
websites (a
reliable source, I supposed) and the result of my own sniffer trace of a
IPSec
remote access VPN session, and come up with this little white paper on
what
goes on behind the scene during a IPSec VPN setup. I figure, the best
way to
make sure I understands a technologies correctly is to post my finding
on the
web and invite others to critique and comment upon.
While the example in this white paper is that of a CheckPoint VPN, but
its
principle should conver IPSec VPN in general. Please take a look at
this paper
when you get a chance and do drop me a line (and tell me how wrong I am
about
the subject). :-)
This white paper is posted on
http://complexity.webhop.net/closer_look_at_IPSec.html
Regards,
Christopher Lee
PGP Fingerprint: 15C1 65D0 E051 C64D 5246 89FC 5AE3 DE2C 8F1E 89A7
Personal Web Page: http://complexity.webhop.net
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
|
Intro
