@Home bans VPNS
Michael H. Warfield
mhw at WITTSEND.COM
Thu Aug 24 20:40:54 EDT 2000
On Thu, Aug 24, 2000 at 07:24:21PM -0400, Joseph S D Yao wrote:
> On Thu, Aug 24, 2000 at 09:36:08AM -0700, Bob Hammond wrote:
> > In practice, how can they detect or prevent VPN users? Doesn't it just look
> > like IP traffic?
> > Bob
> While you could put VPN traffic on any port, in practice it is likely
> to be on port 50 or one of the other IPsec ports. Don't you think?
No no no...
Repeat after me... IPSec is not on port 50. IPsec is not on a
port at all. IPSec is IP protocol 50. Just like UDP is protocol 17,
TCP is protocol 6, and ICMP is protocol 1, IPSec is protocol 50. It
can not on be put on another port because it is not on a port to begin
with. You are off by an entire layer.
> --
> Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
> COSPO/OSIS Computer Support EMT-B
> -----------------------------------------------------------------------
> This message is not an official statement of COSPO policies.
Mike
--
Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list