Date:      Wed, 27 Sep 2000 12:50:06 +0200
From:      Terje Elde <terje@elde.net>
To:        Sam wun <swun@eSec.com.au>
Cc:        "'freebsd-security@freebsd.org'" <freebsd-security@FreeBSD.ORG>
Subject:   Re: What happened if the pre-share key got cacked?
Message-ID:  <20000927125006.B59697@dlt.follo.net>
In-Reply-To: <39D1B8E8.B5B070FB@eSec.com.au>; from swun@eSec.com.au on Wed, Sep 27, 2000 at 08:07:52PM +1100
References:  <00BF97DD9F3FD311AB860060084E50DD311C71@exchange.xpert.com> <20000925143807.A401@hal9000.bsdonline.org> <39D1B8E8.B5B070FB@eSec.com.au>


* Sam wun (swun@eSec.com.au) [000927 12:09]:
> I am a bit concerned about the pre-shared key that is used by the IPsec pair of
> client and server machines.
> What if this key got stolen somehow? What will be the consequence?
> I am using IPsec in FreeBSD. The pre-shared key is used by racoon. The psk.txt
> is protected by 600 permission. But what if my root account got cracked?
> Will anyone who possesses my root account be able to see the content of the
> psk.txt file?

Bottom line is that if someone gets your root account you're owned no matter
what you do.

> It may not be that important if the psk.txt got hacked; it is still hard for the
> hacker to penetrate into another machine which also has IPsec set up, because all
> data transfer is protected by IPsec, and thus tcpdump will fail. Am I right?

If they've got the psk then they'll be able to decrypt (more complicated than
that, but let's simplify). Also, if they break into the box which has the
psk.txt file, then it's pretty safe to assume it's one of the endpoints, in
which case it'll be able to sniff.

Terje

