RE: Tcpdump and 3des packets

From: Andrew Hatfield (andrew@hatfields.com.au)
Date: 09/21/01


Subject: RE: Tcpdump and 3des packets
Date: Fri, 21 Sep 2001 23:09:00 +1000
Message-ID: <F9B05628BAE2414A99980964199E954A01CD92@VOYAGER.brisbane.hatfields.com.au>
From: "Andrew Hatfield" <andrew@hatfields.com.au>
To: "Focus-Linux (E-mail)" <focus-linux@lists.securityfocus.com>

Have you tried Ethereal?

That is an excellent network sniffer.

  --
  Andrew Hatfield
  Head - Internet Security Division

  Hatfield & Associates Pty. Ltd.
  Phone : +61 7 3849 7155
  Fax : +61 7 3849 6277
  Email : info@hatfields.com.au
  Web : http://www.hatfields.com.au/

> -----Original Message-----
> From: Anthony Baxter [mailto:Anthony.Baxter@draig.co.uk]
> Sent: Monday, 17 September 2001 6:58 PM
> To: focus-linux@securityfocus.com
> Subject: Tcpdump and 3des packets
>
>
>
>
> Has anybody been able to use tcpdump to decrypt 3des packets? I am trying to
> vpn between freeswan and vpn 1. I need to look at these packets, but tcpdump
> WILL NOT compile with crypto support.
>
> mandrake 8.0
>
> This is my first posting, and I am not even sure this is the right place to
> post, so please forgive me.
>
> What are my options? Are there other sniffers that can decode 3des?
>
>
> many thanks
>
> anthony
>


