Ethereal-users: RE: Antwort: Re: [Ethereal-users] DECRYPTING IPSEC / ESP PACKETS

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Gessler Gerhard" <Gessler@xxxxxxx>
Date: Wed, 11 Aug 2004 10:09:07 +0200
Dear Alex,

for your question you have probably not only selected the wrong list
(ethereal, not tcpdump) but also shown with your question that you have
not understood the concepts of IPsec and its implications to your
question.

IPsec is used so that nobody can decrypt the content of the packets
(which is what you want to do!).

The only possibility I see for *testing purpose" is to use IPsec with
manual keying and then give tcpdump via the -E option the used
encryption key.

Cheers,

	Gerhard 

--------------------------------------------
Gerhard Gessler

Communication Networks, IABG mbH
Einsteinstr. 20
85521 Ottobrunn, Germany

Telefon: +49 89 6088 - 2021
Fax: +49 89 6088 - 2845

E-Mail: gessler@xxxxxxx 

  > -----Original Message-----
  > From: ethereal-users-bounces@xxxxxxxxxxxx 
  > [mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of 
  > bleonhardt@xxxxxxxxxxx
  > Sent: Wednesday, August 11, 2004 8:32 AM
  > To: Ethereal user support
  > Subject: RE: Antwort: Re: [Ethereal-users] DECRYPTING IPSEC 
  > / ESP PACKETS
  > 
  > 
  > hi,
  > 
  > it's a little annoying that nobody wants or can help me to 
  > decrypt the 
  > ipsec packets, does anybody know another list where I can send my 
  > questions to ?
  > 
  > -Alex
  > 
  > ethereal-users-bounces@xxxxxxxxxxxx schrieb am 10.08.2004 08:23:27:
  > 
  > > Hi,
  > > 
  > > I already tried tcpdump with option -E but didn't work 
  > ... everything 
  > > I
  > > see is the real IPSec/ESP packet ... not what's 
  > encapsulated in the ESP 
  > > packet...
  > > 
  > > any ideas ?
  > > 
  > > -Alex
  > > 
  > > 
  > > ethereal-users-bounces@xxxxxxxxxxxx schrieb am 10.08.2004 
  > 04:43:28:
  > > 
  > > > Not (t)ethereal, that I know of, but tcpdump has the -E 
  > option ...
  > > > 
  > > > On Mon, 9 Aug 2004 08:41:09 +0200, bleonhardt@xxxxxxxxxxx 
  > > > <bleonhardt@xxxxxxxxxxx> wrote:
  > > > > Hi,
  > > > > 
  > > > > does anybody know, how to decrypt ISPEC / ESP Packets 
  > to see the
  > real
  > > > > packets ?
  > > > > 
  > > > > -Alex
  > > > > 
  > > > > http://www.linux-vpn.de
  > > > > 
  > > > > _______________________________________________
  > > > > Ethereal-users mailing list
  > > > > Ethereal-users@xxxxxxxxxxxx 
  > > > > http://www.ethereal.com/mailman/listinfo/ethereal-users
  > > > >
  > > > 
  > > > _______________________________________________
  > > > Ethereal-users mailing list
  > > > Ethereal-users@xxxxxxxxxxxx 
  > > > http://www.ethereal.com/mailman/listinfo/ethereal-users
  > > 
  > > _______________________________________________
  > > Ethereal-users mailing list
  > > Ethereal-users@xxxxxxxxxxxx 
  > > http://www.ethereal.com/mailman/listinfo/ethereal-users
  > 
  > _______________________________________________
  > Ethereal-users mailing list
  > Ethereal-users@xxxxxxxxxxxx 
  > http://www.ethereal.com/mailman/listinfo/ethereal-users
  >