Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: debugging encrypted part of isakmp
From: Bruce M Simpson (bmsspc.org)
Date: Fri Jan 14 2005 - 09:22:22 CST
On Fri, Jan 14, 2005 at 04:44:19PM +0200, Andriy Gapon wrote:
> So, I am looking for the easiest way to decrypt isakmp packets using
> both packet data and information like pre-shared keys, certificates etc.
There's probably not a lot that you can do here, short of turning on all
the debugging switches you can find for the opaque IKE implementation
you're dealing with; unless the isakmp decoder in tcpdump were modified
to accept keying material. We already do this for AH, ESP, TCP-MD5 but
not IKE itself as that's a non-trivial task.
freebsd-securityfreebsd.org mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"