[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Isakmp and Snort?

To: <tech@openbsd.org>
Subject: Isakmp and Snort?
From: "Jack" <jack_xiao99@hotmail.com>
Date: Thu, 24 May 2001 14:34:58 -0400

Hi All,

Now I want to detect the packets information between two VPN gateways with
Snort. After I setting up isakmpd, the Snort only can catch UDP packets during
phase 1 and have got nothing of ESP or AH packects. As far as I know, Snort
can detect TCP/UDP/ICMP. How about ESP and AH? If it can, how to write the
rules of Snort? I will appreciate your help or hints.

Thanks!

Jack

Follow-Ups:
- Re: Isakmp and Snort?
  - From: "Will Backman" <whb@ceimaine.org>
- Re: Isakmp and Snort?
  - From: Bob Beck <beck@bofh.ucs.ualberta.ca>

Prev by Date: Re: chroot() break
Next by Date: tunnel of isakmp
Prev by thread: RE: ssh port forwarding
Next by thread: Re: Isakmp and Snort?
Index(es):
- Date
- Thread