From owner-freebsd-security Mon Sep 6 22:39:21 1999 Delivered-To: freebsd-security@freebsd.org Received: from netserv.osi.ru (netserv.osi.ru [195.178.193.139]) by hub.freebsd.org (Postfix) with ESMTP id C6A4815008 for ; Mon, 6 Sep 1999 22:39:12 -0700 (PDT) (envelope-from ks@itp.ac.ru) Received: from ntgate.osi.ru (ntgate.osi.ru [195.178.194.141]) by netserv.osi.ru (8.9.1a/8.9.1) with SMTP id JAA09478; Tue, 7 Sep 1999 09:40:02 +0400 (MSK/MSD) Received: from speecart.osi.ru ([195.178.194.35]) by ntgate.osi.ru (Lotus SMTP MTA v4.6.5 (863.2 5-20-1999)) with SMTP id C32567E5.001F1B5E; Tue, 7 Sep 1999 09:39:46 +0400 Message-ID: X-Mailer: XFMail 1.2 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <37D496A5.A0576E0F@aracnet.com> Date: Tue, 07 Sep 1999 09:41:21 +0400 (MSD) Reply-To: ks@itp.ac.ru Organization: OSI AF, Moscow office From: "Sergey S. Kosyakov" To: dmp@aracnet.com Subject: RE: Layer 2 ethernet encryption? Cc: freebsd-security@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 07-Sep-99 dmp@aracnet.com wrote: > Is it possible to encrypt ethernet packets so that all layers above > layer 2 would be encrypted? The idea I had was to make a device that > could defeat a TCP sniffer by encrypting the IP headers. Is this > doable? Viable? A reinvention of the wheel? > You can establish secure tunnel with TUND - over tun(4) pseudo-devices if you use routing, or over divert(4) sockets with ipfw(8) rules for LAN. --- ---------------------------------- E-Mail: Sergey S. Kosyakov Date: 07-Sep-99 Time: 09:39:12 ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message