THE DFIR BLOG
Menu

IPSec

10/3/2021

 
Internet Protocol Security (IPSEC) is a standard architecture for setting up a secure channel between two entities.The entities can be anything like two system, two routers, two gateways or any other combination. IPsec uses Public Key Encryption to provide confidentiality, authentication, Integrity and Non-Repudiation. 

IPsec relies of security association and there are two main associations:
1) Authentication Header (AH) - Provides assurance of Message Integrity and Non Repudiation.
2) Encapsulation Security Payload (ESP) - Provides confidentiality and Integrity of the packet content. Provides encryption and prevent replay attacks (Captures the packet and replay it later). 
​

Primary use for the IPsec is for the VPN. IPsec can operation in Two Modes
1) Tunnel Mode - Message + Header is encrypted
2) Transport - Only message is encrypted



​
Picture

Comments are closed.

    Subscribe to Newsletter

    Archives

    November 2022
    January 2022
    October 2021
    September 2021
    July 2021

    Categories

    All
    Domain8

    RSS Feed

  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me
  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me