[unisog] Opinion on L2TP/IPSEC?

Schley Andrew Kutz a.kutz at its.utexas.edu
Tue Sep 26 15:29:19 GMT 2006


I meant no disrespect, I just know for a fact that IPSec from MS is
interoperable with other implementations.

-- 
-a

ITS at The University of Texas at Austin

name:	Schley Andrew Kutz, MCSD, GCWN
mail:	a.kutz at its.utexas.edu
work:	512.475.9246

Please do not hesitate to call or e-mail me if you have any questions or
concerns!  

> -----Original Message-----
> From: unisog-bounces at lists.dshield.org 
> [mailto:unisog-bounces at lists.dshield.org] On Behalf Of 
> Darden, Patrick S.
> Sent: Tuesday, September 26, 2006 10:09 AM
> To: UNIversity Security Operations Group
> Subject: Re: [unisog] Opinion on L2TP/IPSEC?
> 
> 
> Yeah, Peter.  Go kill yourself.  Nyah nyah!  
> 
> (Just kidding folks.  I have a lot of respect for Peter.  His 
> role in I2, his security articles, his geek-fu in almost 
> every subject, and his willingness to help others out is 
> almost legendary.)
> 
> --Patrick
> 
> -----Original Message-----
> From: unisog-bounces at lists.dshield.org
> [mailto:unisog-bounces at lists.dshield.org]On Behalf Of Schley 
> Andrew Kutz
> Sent: Tuesday, September 26, 2006 10:01 AM
> To: UNIversity Security Operations Group
> Subject: Re: [unisog] Opinion on L2TP/IPSEC?
> 
> 
> > to make MS IPSec incompatable with anyone elses IPSec
> 
> This is inaccurate.  As I said, it works fine with OpenSwan 
> using Certs and Shared Keys.  
> 
> > I don't know if this is still true though.
> 
> So perhaps check if it is before claiming otherwise.
> 
> --
> -a
> 
> ITS at The University of Texas at Austin
> 
> name:	Schley Andrew Kutz, MCSD, GCWN
> mail:	a.kutz at its.utexas.edu
> work:	512.475.9246
> 
> Please do not hesitate to call or e-mail me if you have any 
> questions or concerns!  
> 
> > -----Original Message-----
> > From: unisog-bounces at lists.dshield.org 
> > [mailto:unisog-bounces at lists.dshield.org] On Behalf Of Peter Van Epp
> > Sent: Monday, September 25, 2006 2:06 PM
> > To: UNIversity Security Operations Group
> > Subject: Re: [unisog] Opinion on L2TP/IPSEC?
> > 
> > On Mon, Sep 25, 2006 at 01:44:39PM -0500, Julian Y. Koh wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > > 
> > > At 13:28 -0500 09/25/2006, Schley Andrew Kutz wrote:
> > > >What is wrong with MS IPSec?
> > > 
> > > Nothing, as long as you refer to is as "MS IPSec".
> > > 
> > > :)
> > > 
> > 
> > 	Which would presumably be because MS IPSec != IPSec due 
> to Microsoft 
> > using a K5 optional field to add some proprietery Windows 
> data to make 
> > MS IPSec incompatable with anyone elses IPSec and then 
> rattled their 
> > lawyers (over their "trade secrets" in the optional field) 
> at anyone 
> > talking about reverse engineering the fields to make it 
> interoperate.
> > I don't know if this is still true though.
> > 
> > Peter Van Epp / Operations and Technical Support Simon Fraser 
> > University, Burnaby, B.C. Canada 
> > _______________________________________________
> > unisog mailing list
> > unisog at lists.dshield.org
> > http://lists.dshield.org/mailman/listinfo/unisog
> > 
> 
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> http://lists.dshield.org/mailman/listinfo/unisog
> 
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> http://lists.dshield.org/mailman/listinfo/unisog
> 



More information about the unisog mailing list