You can use tcpdump -E to decrypt ESP headers. (The tcpdump man page is also kind of cryptic at this point though. Contact me if you have trouble.) For *-cbc (3des-cbc for example) encryption algorithms you will need the patch I just sent to this list. See "tcpdump -E doesn't work for 3des-cbc/hmac-md5".

I haven't tried AH headers. Maybe someone else can tell if they are parsed properly.

Michael

Narayanan S RAMABHADRAN wrote:
Hi

   Is there a version of tcpdump that can parse IPsec headers?

   Thanks,
   Sriram

   Narayanan Sriram Ramabhadran
   Graduate student
   Dept. of Computer Science & Engg.
   University of California San Diego

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

