search for: isakmpd

Hi! There is a little problem in the security/isakmpd port. There are some gen*.sh scripts in it, which generate some C header (and src) files. These scripts are using awk, tr, etc - some generic UNIX tools. One of the tools has problems with some localisations, so these scripts generate incorrect C-code. Eg, I have Hungarian localisation set, so...

Hi, I have a rekeying problem between FreeBSD4.9 (running isakmpd) and a Cisco 7000 box. The rekeying time of these two are not same, so even they new SAs are created on isakmpd side, the tunnel doesn't work at all. On isakmpd side, I know it creates new SA when SA life time passes 90%. But I don't know when Cisco builds the new SAs. I don't have much...

Are there any tools to decode encrypted part of isakmp provided that identities of both peers are known to me and that I am able to observe the whole exchange ? -- Andriy Gapon

...lly learn names of files that only users in root's group should be able to view." <URL:ftp://oss.sgi.com/projects/fam/download/ChangeLog> <URL:http://www.debian.org/security/2002/dsa-154> +------------------------------------------------------------------------+ Port name: isakmpd Affected: versions < isakmpd-20020403_1 Status: Fixed ``Receiving IKE payloads out of sequence can cause isakmpd(8) to crash.'' <URL:http://www.openbsd.org/errata.html#isakmpd> <URL:http://www.kb.cert.org/vuls/id/287771> +----------------------------------------...

...people that have set the Cisco router have sent me this (Cisco) config file, but that doesn''t help me a lot since I don''t understand nor ipsec nor Cisco syntax that well. So, can anyone help me to make the ipsec configuration? Second, what''s better to use ipsec-tools or isakmpd on Linux-2.6.10. Is the configuration under "Tunnel mode" on http://www.ipsec-howto.org/x282.html the only thing needed to make it work? Any help is appreciated. -- damjan | дамјан This is my jabber ID --> damjan@bagra.net.mk <-- not my mail address!!!

I have a problem I can not identify. Two firewalls with OpenBSD 2.8 sshd version OpenSSH_2.3.0 I do a ssh root at 195.84.181.91 -v SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug: Reading configuration data /etc/ssh_config debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to 195.84.181.91 [195.84.181.91] port 22. debug: Allocated

...an amazing diveristy of networking knowledge, and i am staring to get a bit desperate. I need to get a lan-to-lan tunnel working between a Linux firewall (shorewall) and a Netscreen 25 firewall (ScreenOS 4). ANd i cannot find a simple useful guide on how to do this. I cannot get it working via isakmpd or racoon. So, if someone HAS done this, i would love to look at your notes, heck, i could even pay for this service...

I am cross-posting this to openbsd-pf because I am at a complete loss and don't know where the problem lies. I have a OpenBSD ipsec vpn setup between several node sites and one central site. For the most part it seems they are setup fine (isakmpd, pf etc). I can ping, I can do all sorts of nice things over the network. The problem appears when I try to use samba over the vpn. Sometimes, I can login to a server (using smbclient) and there is no problem. Other times, I get this: # smbclient //linux1/public added interface ip=192.168.2.1...

Hi folks, sorry if this has been discussed before, I did a quick search on the mailing list but found nothing pertinent. My question: is it possible to log all data that is sent from the ssh client to the sshd server? Rationale: I'd like to log all commands that users execute when being logged in via ssh. And I mean all, as the system in question is a sensitive production server, so

Howdy, The string of notices on BugTraq about RSAref being vulnerable to overflows has me concerned. After trying to sort through all the messages, I can't figure out whether I need to update OpenSSL (a check of their website indicates no new patches), OpenSSH, both, or neither. I am aware there is no known exploit for it yet. I could be a bad boy and just run all

FYI, looks like support for Racoon is ending. Does anyone have any experience with the version in ipsec-tools ? ---Mike >Racoon users, > >This is the announcement that the kame project will quit providing >a key management daemon, the racoon, and that "ipsec-tools" will become >the formal team to release the racoon. >The final release of the racoon in the