Protocol 50/51 security

Keith Pasley, CISSP kpasley at EX-PRESSNET.COM
Sun Mar 26 22:54:44 EST 2000


Mike,
Protocol 50 and 51 are the well-known port numbers assigned to the
Authentication Header and Encapsulating Security Payload components of the
IPSec protocol. The IPsec protocol has been established as a standard by the
Internet Engineering Task Force.  The operation of these protocols is well
documented and understood. These are protocol numbers, not port numbers.
There is a difference. However, the main thing to remember is that all IPSec
based VPN products use these IP protocols for encryption and data integrity.

You should, therefore, not have a security vulnerability by allowing these
protocols through (mostly routers need these protocols listed in their
"protocol" file).

Keith Pasley, CISSP
Sr. Sales Engineer
Network Associates Inc.


----- Original Message -----
From: "Michael Louie" <mlouie at SPEAKEASY.ORG>
To: <VPN at SECURITYFOCUS.COM>
Sent: Wednesday, March 22, 2000 8:06 PM
Subject: Protocol 50/51 security


> Would anyone be able to either provide some further information, or point me in
> the right direction for this?  Basically, we are deciding on whether or not VPN
> is the right solution for us, however we are worried (perhaps paranoid would be
> a better word) about security.  Allowing VPN basically involves opening our
> firewall to allow external access to protocols 50 & 51.  I realize this is
> normally accepted as secure, however this application is for a financial
> institution.
>
> Thanks,
> Mike
>
> VPN is sponsored by SecurityFocus.COM
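
An added illustration of the protocol-number versus port-number distinction discussed in this thread (not part of either message): a filter keyed on the IPv4 Protocol field admits ESP and AH, which carry an SPI and no ports, while a TCP segment addressed to port 50 does not match. The function names, addresses and sample packets are constructed for the example, and the single-rule filter is a hypothetical stand-in for a router ACL.

```python
import ipaddress
import struct

# IANA-assigned values of the 8-bit Protocol field in the IPv4 header.
PROTO_NAMES = {6: "TCP", 17: "UDP", 50: "ESP", 51: "AH"}
PORT_BASED = {6, 17}  # only TCP and UDP carry source/destination ports


def build_ipv4(proto, src, dst, payload):
    """Build a minimal 20-byte IPv4 header plus payload (constructed sample, checksum 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return header + payload


def classify(packet):
    """Return (protocol name, destination port or None, SPI or None)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4           # header length in bytes
    proto, body = packet[9], packet[ihl:]  # byte 9 is the Protocol field
    name = PROTO_NAMES.get(proto, str(proto))
    if proto in PORT_BASED and len(body) >= 4:
        return name, struct.unpack("!H", body[2:4])[0], None
    if proto == 50 and len(body) >= 4:     # ESP: SPI is the first 32 bits
        return name, None, struct.unpack("!I", body[0:4])[0]
    if proto == 51 and len(body) >= 8:     # AH: next header, length, reserved, then SPI
        return name, None, struct.unpack("!I", body[4:8])[0]
    return name, None, None


def permitted(packet, allowed_protocols=frozenset({50, 51})):
    """Hypothetical filter rule: match on the protocol number only, never on a port."""
    return len(packet) >= 20 and packet[9] in allowed_protocols


# Constructed sample packets (documentation address ranges, made-up SPI values).
ESP_PKT = build_ipv4(50, "192.0.2.10", "198.51.100.1",
                     struct.pack("!II", 0x1000, 1) + b"\x00" * 16)
AH_PKT = build_ipv4(51, "192.0.2.10", "198.51.100.1",
                    struct.pack("!BBHII", 50, 4, 0, 0x2000, 1) + b"\x00" * 12)
TCP_PORT_50_PKT = build_ipv4(6, "192.0.2.10", "198.51.100.1",
                             struct.pack("!HHIIHHHH", 40000, 50, 0, 0, 0x5002, 1024, 0, 0))

if __name__ == "__main__":
    for pkt in (ESP_PKT, AH_PKT, TCP_PORT_50_PKT):
        print(classify(pkt), "permitted" if permitted(pkt) else "dropped")
```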
