Re: dump of IPSEC and PPTP

[Matt Kettler <mkettler () evi-inc com>]

I don't have packet dumps, but I can point you to some tech specs that 
specify the formats

In the case of IPsec specs are probably better anyway, there's a lot of 
different possible packet configurations for "Ipsec".
For example is it ESP only, or is it ESP and AH. Is there authentication in 
the ESP layer as well as encryption? Are you interested in ISAKMP formats 
for key exchanges well as data packet formats?


GRE:
http://support.microsoft.com/?kbid=241251

PPTP:
http://support.3com.com/infodeli/tools/remote/general/pptp/pptp.htm

IPSEC: (general charter with links to protocol RFCs)
http://www.ietf.org/html.charters/ipsec-charter.html


ESP (the general encryption/authentication layer for ipsec)
http://www.ietf.org/rfc/rfc2406.txt

AH (an authentication only layer for ipsec)
http://www.ietf.org/rfc/rfc2402.txt

ISAKMP (a udp based key exchange protocol for ipsec)
http://www.ietf.org/rfc/rfc2408.txt


At 03:16 PM 5/14/2003 -0600, dreamwvr () dreamwvr com wrote:
> Hi,
>   Anyone happen to have full sample packets of IPSEC and PPTPw/GRE and 
> MPPE ?
> I do not have access to a windows vpn just now for the PPTPvpn or currently a
> IPSEC FreeSWAN vpn. Would appreciate a dump to ascii files so I can analyse
> all the differences. This is OT so sorry if it does not meet
> criteria. Please send off list if possible.
>
> TIA
>
> Best Regards,
> dreamwvr () dreamwvr com



-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users