Transport Mode IPSEC
Dan Mahoney, System Admin
danm at prime.gushi.org
Thu Jan 18 08:06:30 UTC 2007
On Wed, 17 Jan 2007, Ted Mittelstaedt wrote:
> Dan,
>
> You do realize, don't you, that since both of these hosts are on a switch,
> and are using unicast traffic to communicate with each other, that they
> cannot be sniffed, don't you?
That implies trust of the switch, trust against arp-cache poisoning, and
the like. The idea of ipsec is not trusting the wire.
With NIS/NFS known for being this inherently secure, would it get me a
better answer if I said "with only a single router between them"?
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the freebsd-questions
mailing list