Re: debugging encrypted part of isakmp

看板FB_security作者時間21年前 (2005/01/15 23:30), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串4/6 (看更多)
on 14.01.2005 16:07 Bruce M Simpson said the following: > On Fri, Jan 14, 2005 at 11:54:36AM +0200, Andriy Gapon wrote: > man 8 isakmpd: > > %%% > -L Enable IKE packet capture. When this option is given, isakmpd > will capture to file an unencrypted copy of the negotiation pack- > ets it is sending and receiveing. This file can later be read by > tcpdump(8) and other utilities using pcap(3). > %%% > The problem is it is not isakmpd. Here's more information: I am trying to reverse-engineer asymmetric xauth/mode cfg exchange between third-party VPN/ipsec client and server. I know all configuration parameters for both, but I don't have any access to internal workings. At this point, I also have too little information to successfully emulate either side, but I know what phase1 mode they use and what key material they have. So, I am looking for the easiest way to decrypt isakmp packets using both packet data and information like pre-shared keys, certificates etc. -- Andriy Gapon _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 avg. 的文章
文章代碼(AID): #11wJS500 (FB_security)
更多 avg. 的文章
文章代碼(AID): #11wJS500 (FB_security)