[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] IPsecurity theater

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] IPsecurity theater
From: Joachim Schipper <j.schipper@xxxxxxxxxx>
Date: Sat, 26 Nov 2005 00:29:25 +0100

On Fri, Nov 25, 2005 at 12:55:39PM -0800, coderman wrote:
> Check Point, Cisco, Juniper, * now know that one open port is too
> many.  ISAKMP is a 0day slut.
> 
> details on fully out of band key management desired; a virtual private
> network SHOULD not process / accept any packet that is not authentic
> and private.
> 
> in ipsec esp/transport//require ah/transport//require;
> 
> ---
> 
> why do all key daemons suck?

While I'm not too sure what you mean, doesn't manual keying solve this
problem?

                Joachim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] IPsecurity theater
  - From: coderman

References:
- [Full-disclosure] IPsecurity theater
  - From: coderman

Prev by Date: RE: [inbox] Re: [Full-disclosure] Hacking Boot camps!
Next by Date: Re: [Full-disclosure] IPsecurity theater
Previous by thread: [Full-disclosure] IPsecurity theater
Next by thread: Re: [Full-disclosure] IPsecurity theater
Index(es):
- Date
- Thread