From owner-freebsd-security Mon Sep 6 22:47:41 1999 Delivered-To: freebsd-security@freebsd.org Received: from guppy.pond.net (guppy.pond.net [205.240.25.2]) by hub.freebsd.org (Postfix) with ESMTP id C036915780 for ; Mon, 6 Sep 1999 22:47:39 -0700 (PDT) (envelope-from dmp@aracnet.com) Received: from aracnet.com (snapuser2-89.pacificcrest.net [216.36.34.89]) by guppy.pond.net (8.9.3/8.9.3) with ESMTP id WAA21494; Mon, 6 Sep 1999 22:44:53 -0700 (PDT) From: dmp@aracnet.com Message-ID: <37D4A6E0.F49A6F87@aracnet.com> Date: Mon, 06 Sep 1999 22:47:12 -0700 X-Mailer: Mozilla 4.6 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "Bryan Smith (Administrator)" Cc: freebsd-security@FreeBSD.ORG Subject: Re: Layer 2 ethernet encryption? References: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Bryan Smith (Administrator)" wrote: > > where would you implement this on the system? A layer 2 bridge between the NIC and the network. > I just use SSH. SSH still requires that unencrypted IP headers be used, allowing a sniffer to see the traffic. > On Mon, 6 Sep 1999 dmp@aracnet.com wrote: > > > My apologies if this shouldn't be posted to this group, but I didn't > > know of any other place where an open discussion among "friends" > > could take place. If I should take this elsewhere, just let me know. > > > > Is it possible to encrypt ethernet packets so that all layers above > > layer 2 would be encrypted? The idea I had was to make a device that > > could defeat a TCP sniffer by encrypting the IP headers. Is this > > doable? Viable? A reinvention of the wheel? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message