Unencrypted tcp connections
Facts about some operating systems:
|OpenBSD 2.1||random||disabled per default|
|SunOS 5.5.1||random||enabled per default|
|HP/UX 9.04||64k incr.||enabled per default|
|AIX 4.1.4||64k incr.||enabled per default|
|UCX 3.3 on OpenVMS||64k incr.||enabled per default|
IP Security offers a framework for ensuring
privacy, authentication and
integrity of network traffic.
It is mandatory for any IPv6
implementation and can also be used as addon for IPv4.
Steven M. Bellovin has pointed out some problems with the IP Security Protcols at the Sixth USENIX UNIX Security Symposium in San Jose.
The OpenBSD Project offers a freely exportable IPSec implementation.
In order for IP Security to operate key management daemons are necessary. A good example is the Photuris Keymangement Protocol which utilizies the Diffie-Hellman key exchange to establish a shared secret between two parties over an insecure network.
Last but not least some theoretical ways to hide information in TCP/IP packets will be presented.