From owner-freebsd-security  Mon Sep  6 22:33:15 1999
Delivered-To: freebsd-security@freebsd.org
Received: from noop.colo.erols.net (noop.colo.erols.net [207.96.1.150])
	by hub.freebsd.org (Postfix) with ESMTP id 0A9A514F53
	for <freebsd-security@freebsd.org>; Mon,  6 Sep 1999 22:33:13 -0700 (PDT)
	(envelope-from gjp@noop.colo.erols.net)
Received: from localhost ([127.0.0.1] helo=noop.colo.erols.net)
	by noop.colo.erols.net with esmtp (Exim 2.12 #1)
	id 11ODsJ-000AGn-00; Tue, 7 Sep 1999 01:32:59 -0400
To: dmp@aracnet.com
Cc: freebsd-security@freebsd.org
From: "Gary Palmer" <gpalmer@freebsd.org>
Subject: Re: Layer 2 ethernet encryption? 
In-reply-to: Your message of "Mon, 06 Sep 1999 21:37:57 PDT."
             <37D496A5.A0576E0F@aracnet.com> 
Date: Tue, 07 Sep 1999 01:32:58 -0400
Message-ID: <39480.936682378@noop.colo.erols.net>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

dmp@aracnet.com wrote in message ID
<37D496A5.A0576E0F@aracnet.com>:
> Is it possible to encrypt ethernet packets so that all layers above
> layer 2 would be encrypted?  The idea I had was to make a device that
> could defeat a TCP sniffer by encrypting the IP headers.  Is this
> doable?  Viable?  A reinvention of the wheel?

How would you route the traffic?  No routers would be able to pass the
traffic.

If you are doing this for a local LAN, I suggest you have bigger
problems :)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message