IPsecQuestionSolution PDF
236350
28.8.08
[Question preamble in Hebrew not recovered in extraction; surviving terms: http, telnet]
[Question part on the Netwix USA / Netwix Israel network, Hebrew text not recovered in extraction; three sub-items whose surviving terms are:]
o IPsec transport mode, Netwix USA, Netwix Israel
o Transport Mode, Tunnel Mode, Netwix USA, Netwix Israel
o GWF, GWA, Gateway, SPD, Netwix Israel, ESP, AH, transport mode, Netwix USA, chosen plaintext attack, Tunnel mode, gateways, (P,C), GWF, GWB, SA, Firewall
[Question part, Hebrew text not recovered in extraction; surviving terms: Netwix Israel, IPsec, Tunnel mode, IKE, pss]
[Question part on IKE, Hebrew text not recovered in extraction; surviving terms: IKE, Main mode, Aggressive Mode]
[Question part on hosts x and b and gateway GWA, Hebrew text not recovered in extraction; surviving terms: IP, b, x, GWA, Transport mode]
[Solution text, Hebrew not recovered in extraction; surviving terms: SPD, ACK, GWB, ciphertext]
[Solution text on the telnet case, Hebrew not recovered in extraction; surviving terms:]
i. telnet, Netwix USA
ii. Netwix USA, Tunnel, GWB, GWF, telnet, SA, ping, sniffing, GWB, GWF
[Solution text, Hebrew not recovered in extraction; surviving terms: GWB, GWF, SPD, Main mode, pss, IP, Aggressive Mode]
[Figure: protocol layering of the packet, drawn as two stacks side by side; the layer labels, top to bottom, are Application, TCP/UDP, IPsec, IP: x->b, IPsec, IP: GWA->b, MAC (one stack shows IPsec at both positions, between TCP/UDP and IP: x->b and between IP: x->b and IP: GWA->b)]
SPD rule table:

Rule              Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action   Additional Parameters
----------------  ----------  ----------  --------  ---------  ---------  -------  ---------------------
Spoof             Netwix-IL   Any         Any       Any        Any        Drop
httpRuleIn        Any         Netwix-IL   TCP       80         >1023      Forward
telnetRule1       Netwix-US   Netwix-IL   TCP       23         >1023      Secure   ESP, Sign+Encrypt
telnetRule2       Netwix-US   Netwix-IL   TCP       >1023      23         Secure   ESP, Sign+Encrypt
FinanceTunnel     GWB         GWF         IPsec     any        any        Forward
FinanceTransport  Netwix-US   SubnetF     IPsec     any        any        Forward
default           Any         Any         Any       Any        Any        drop

Second rule table (VPN-in and IKE rules):

Rule     Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action   Additional Parameters
-------  ----------  ----------  --------  ---------  ---------  -------  ---------------------
VPNIn    Any         Netwix-IL   Any       Any        Any        Secure   ESP, Sign+Encrypt
IKERule  Any         GWA         UDP       500        500        Forward
[Section header not recovered in extraction]
1. [Hebrew explanation not recovered in extraction; surviving terms: Gateway, IP-spoofing, SPD]
Rule     Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action  Additional Parameters
-------  ----------  ----------  --------  ---------  ---------  ------  ---------------------
Spoof    Netwix-IL   Any         Any       Any        Any        Drop
default  Any         Any         Any       Any        Any        drop
3. [Hebrew explanation not recovered in extraction; surviving terms: http, >1023, 80, Incoming SPD]
Rule        Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action   Additional Parameters
----------  ----------  ----------  --------  ---------  ---------  -------  ---------------------
httpRuleIn  Any         Netwix-IL   TCP       80         >1023      Forward
[Hebrew remark not recovered in extraction; surviving term: forward]
4. [Hebrew explanation not recovered in extraction; surviving terms: telnet, SPD, ESP, AH]
Rule         Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action  Additional Parameters
-----------  ----------  ----------  --------  ---------  ---------  ------  ---------------------
telnetRule1  Netwix-US   Netwix-IL   TCP       23         >1023      Secure  ESP, Sign+Encrypt
telnetRule2  Netwix-US   Netwix-IL   TCP       >1023      23         Secure  ESP, Sign+Encrypt
[Hebrew explanation not recovered in extraction; surviving terms: GWA, Forward]
Rule              Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action   Additional Parameters
----------------  ----------  ----------  --------  ---------  ---------  -------  ---------------------
FinanceTransport  Netwix-US   SubnetF     IPsec     any        any        Forward
FinanceTunnel     GWB         GWF         IPsec     any        any        Forward
[Section on IKE, Hebrew explanation not recovered in extraction; surviving terms: IKE SA, IPsec, Tunnel mode, gateway, IP, IKE, GWA, UDP 500, TCP session, UDP, TCP >1023 sessions]
Rule     Src. Addr.  Dst. Addr.  Protocol  Src. Port  Dst. Port  Action   Additional Parameters
-------  ----------  ----------  --------  ---------  ---------  -------  ---------------------
IKERule  Any         GWA         UDP       500        500        Forward
VPNIn    Any         Netwix-IL   Any       Any        Any        Secure