[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Isakmp and Snort?

	What's the point of looking at the EH or ASP packets in Snort?
all you're going to be looking at is encrypted data frames. Far better
to look at the decrypted side by snorting the inside interface so that
perhaps you can notice anything evil travelling through the gateway.