
[suse-security] tcpdump and esp packets



Hi all,

I guess it's OT, again.. but I need it quite quickly...

... I need to capture and decrypt ESP packets to see what's in them ...
Does anybody have an idea?

I have already downloaded and installed the latest libcrypt (openssl),
the latest tcpdump (I had to change the "configure" file to get
"des_cbc_encrypt" implemented) and the latest libpcap ...

Now, I tried the following:

tcpdump -i eth0 -w dump.cap -n -vv -E des-cbc:shared-secret ip proto 50 or ip proto 51 or udp port 500 or udp port 4500

I see all the ESP packets, but I can't see if it's just a ping or
anything else...

I also tried:

tcpdump -i eth0 -w dump-cap -n -vv -E des-cbc:shared-secret esp host IPADDRESSOFTHEREMOTE-SECURED-HOST

but that didn't work at all...

Any ideas?

Many thanks,
Alex

