[Openswan Users] unencrypted l2tp packets

Paul Wouters paul at xelerance.com
Sun Feb 12 17:42:01 CET 2006


On Sat, 11 Feb 2006, Ben Willmore wrote:

> My guess is that the OpenSwan that comes with ubuntu5.04 (openswan
> 2.3.0-2) is also fine with 10.4.4 -- it certainly seemed to accept the
> headers without complaint. But the Mac seemed to be sending 'RFC 3947'
> first -- perhaps Apple are finally conforming to the standard?

wow. that's a really old openswan, vulnerable to DOS attacks. Ubuntu
should really upgrade.
Also, openswan-2.4.x contains various workarounds for OSX's broken
NAT-T implementation.

Paul


More information about the Users mailing list