Re: Transport Mode IPSEC
- From: "Dan Mahoney, System Admin" <danm@xxxxxxxxxxxxxxx>
- Date: Thu, 18 Jan 2007 03:06:25 -0500 (EST)
On Wed, 17 Jan 2007, Ted Mittelstaedt wrote:
Dan,
You do realize, don't you, that since both of these hosts are on a switch,
and are using unicast traffic to communicate with each other, that they
cannot be sniffed, don't you?
That implies trust of the switch, trust against arp-cache poisoning, and the like. The idea of ipsec is not trusting the wire.
With NIS/NFS known for being this inherently secure, would it get me a better answer if I said "with only a single router between them"?
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Transport Mode IPSEC
- From: Ted Mittelstaedt
- Re: Transport Mode IPSEC
- References:
- Transport Mode IPSEC
- From: Dan Mahoney, System Admin
- Re: Transport Mode IPSEC
- From: Ted Mittelstaedt
- Transport Mode IPSEC
- Prev by Date: Re: Broadcom Nics in Tyan Transport GT24 (B3992)
- Next by Date: Re: Broadcom Nics in Tyan Transport GT24 (B3992)
- Previous by thread: Re: Transport Mode IPSEC
- Next by thread: Re: Transport Mode IPSEC
- Index(es):
Relevant Pages
|
