[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Looking for an IPsec packet analyzer
Anyone wanted to trace/decode just the headers (without having a clue of the
contents - which would mostly be encrypted), then you can use any one of the
IPSEC routers out there that has ISAKMP/ESP/AH protocol analysis:
Target device-----------IPSEC router-----------IPSEC source
The ISAKMP/ESP/AH pacjets passing through 'IPSEC router' could then be
analysed by its protocol trace engine.
We have a GUI tool that provides ISAKMP/ESP/AH decode in full colour, but
it's not a LAN sniffer as such. If anyone is interested, I can send an
example ISAKMP analysis.
Steve.
-----Original Message-----
From: Shoichi Sakane [mailto:sakane@ydc.co.jp]
Sent: Friday, February 26, 1999 11:41 AM
To: suresh@livingston.com
Cc: ipsec@tis.com
Subject: Re: Looking for an IPsec packet analyzer
> Can someone point me to one or more vendors that provide IPsec and
> IKE trafiic decoding in their traffic analyser software?
> Specifically, I am looking for the following:
> 1. IPSec AH and ESP header decoding
> 2. IKE header and payload decoding (while in the clear)
There is tcpdump in KAME that is IPv6/IPsec stack for BSD*.
KAME's tcpdump can decode some packet of both IKE in part of
phase 1 and IPsec.
Please refer to http://www.kame.net/
/Shoichi `NE' Sakane/