Date: Wed, 08 Jul 2009 19:08:59 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Daniel Underwood <djuatdelta@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Network traffic monitoring: BSD monitor & verifying encryption Message-ID: <4A54E0BB.8070405@infracaninophile.co.uk> In-Reply-To: <b6c05a470907080736y528d4029p94a7751dadee07ec@mail.gmail.com> References: <b6c05a470907080615l1e674e07xfda169c75dfd9f59@mail.gmail.com> <4A54AA5E.80706@infracaninophile.co.uk> <b6c05a470907080736y528d4029p94a7751dadee07ec@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Daniel Underwood wrote:
> Thanks for the help.
>
> I couldn't find any flags/fields in TCP packets indicated whether
> encrypted (as in the case of SSH packets). There isn't any, right?
Correct: there isn't anything like that in the TCP headers. Encryption
on TCP streams is an application level thing that only affects packet
payloads.
There are transport layer encryption protocols -- eg. IPSec, OpenVPN, etc.
-- but those allow tunnelling TCP streams through them and aren't necessarily
TCP themselves.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEUEAREIAAYFAkpU4MEACgkQ8Mjk52CukIxizACWI6yQui1AZOQHWBHoZidulXUQ
HACfaFmTmSlByEfpphk0larrJSbpTlQ=
=AtbU
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A54E0BB.8070405>