some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted."
SO this would indicate that IPSEC creates a sort of blockage from seeing up to Layers 4/5/6. Now when you say it takes the IP packet, is this just the datagram or is it also he procotol bytes? (I'm assuming the layer-2 information remains intact.) If the protocol bytes are unencrypted, then there's a LOT that can probably be determined about any IP session. If the protocol bytes are encrypted, then this will ot be a very flexible session, no? (More of a secure pipe I guess.)
And then, does IPSEC include specification for MPLS? I would assume that the MPLS header information is not encrypted, simply because the headers have no global significance...
From: "Trei, Peter" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], "'Tyler Durden'" <[EMAIL PROTECTED]>
Subject: RE: What email encryption is actually in use?
Date: Mon, 4 Nov 2002 11:00:56 -0500
> ----------
> From: Tyler Durden[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, November 04, 2002 10:13 AM
> To: [EMAIL PROTECTED]
> Subject: RE: What email encryption is actually in use?
>
> The ever-though-provoking Peter Trei wrote...
>
> "A great deal of highly sensitive internal
> email flows over these links, with the encryption totally transparent
> to the end-users."
>
> This is an interesting issue...how much information can be gleaned from
> encrypted "payloads"? Is it possible for a switch or whatever that has
> visibility up to layers 4/5/6 to determine (at least) what type of file is
>
> being sent? Can it determine at what layer encryption was performed?
> (These
> may be obvious to many of you, but I can only claim expertise in layers
> 0/1,
> and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible
> for hardware that examines large numbers of communiques to pre-determine
> that much is of no interest.
>
>
Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.
_________________________________________________________________
Surf the Web without missing calls! Get MSN Broadband. http://resourcecenter.msn.com/access/plans/freeactivation.asp
