[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] tcpdump and esp packets
I guess it's OT, again.. but I need it quite quickly...
... I need to capture and decrypt esp packets to see, what's in ...
anybody an idea ?
I already have downloaded and installed the latest libcrypt ( openssl ),
the latestet tcpdump ( I had to change the "configure" file to get
"des_cbc_encrypt" implemented ) and the latest libpcap ...
Now, I tried following :
tcpdump -i eth0 -w dump.cap -n -vv -E des-cbc:shared-secret ip proto 50 or
ip proto 51 or udp port 500 or udp port 4500
I see all the ESP packets but I can't see, if it's just a ping, or
I also tried :
tcpdump -i eth0 -w dump-cap -n -vv -E des-cbc:shared-secret esp host
but didn't work at all...
any ideas ?
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here