-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Venkatesh" == Venkatesh S Obanaik <[EMAIL PROTECTED]> writes:
Venkatesh> I am trying to use the tcpdump -E [algo:secret] option to
Venkatesh> decrypt and print the packets on the host. The scenario is as
Venkatesh> detailed below.
Venkatesh> host hwan (sender) ----- host dione (receiver) IPSec ESP
Venkatesh> transport mode security association setup between the hosts.
Venkatesh> When I run the tcpdump command on the receiver (FreeBSD)
Venkatesh> tcpdump -i xl0 -E des-cbc:PASSWORD
Venkatesh> (algorithm used is des-cbc and secret key is PASSWORD)
Venkatesh> However, only the TCP Acknowledgement packets (dione to
Venkatesh> hwan) are getting decrypted and printed as can be seen below.
Likely, you aren't capturing enough of the packet to actually decrypt it.
Set your "snaplen" (-s) to at least the size of the network, likely
ethernet, so 1514 should work.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
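
An added example, not part of the original message: a Python check that reads a saved classic pcap file and lists the IPv4 ESP packets whose captured length is shorter than their on-wire length, which is the condition the reply above points to. The function names and the sample capture are constructed for illustration; only Ethernet link type is handled.

```python
import struct

ESP_PROTO = 50  # IP protocol number for ESP


def truncated_esp(pcap_bytes):
    """Return (packet_no, caplen, wirelen) for each truncated IPv4 ESP packet."""
    magic = pcap_bytes[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    # Link type is the last field of the 24-byte global header.
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (DLT_EN10MB) is handled")
    hits, off, packet_no = [], 24, 0
    while off + 16 <= len(pcap_bytes):
        # Record header: ts_sec, ts_usec, captured length, on-wire length.
        _, _, caplen, wirelen = struct.unpack(endian + "IIII", pcap_bytes[off:off + 16])
        frame = pcap_bytes[off + 16:off + 16 + caplen]
        off += 16 + caplen
        packet_no += 1
        # Need the Ethernet header (14 bytes) plus IPv4 up to the protocol byte.
        if len(frame) < 24 or frame[12:14] != b"\x08\x00":
            continue
        if frame[23] == ESP_PROTO and caplen < wirelen:
            hits.append((packet_no, caplen, wirelen))
    return hits


def _sample_pcap(snaplen):
    """Constructed capture: one 60-byte and one 1514-byte ESP frame, cut at snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for wirelen in (60, 1514):
        ip = (bytes([0x45, 0]) + struct.pack(">H", wirelen - 14) + bytes(5)
              + bytes([ESP_PROTO]) + bytes(10))
        frame = (bytes(12) + b"\x08\x00" + ip).ljust(wirelen, b"\x00")[:snaplen]
        out += struct.pack("<IIII", 0, 0, len(frame), wirelen) + frame
    return out


if __name__ == "__main__":
    for snaplen in (68, 1514):
        print(snaplen, truncated_esp(_sample_pcap(snaplen)))
```

Any packet this reports was saved without its full ESP payload, so re-capture with a larger `-s` value before expecting `-E` to decrypt it.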
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html