at Monday, November 04, 2002 3:13 PM, Tyler Durden > This is an interesting issue...how much information can be gleaned > from encrypted "payloads"?
Usually, the VPN is an encrypted tunnel from a specified IP (individual pc or lan) to another specified IP (the outer marker of the lan, usually the firewall/vpn combo box but of course that function can be split if needs be) sniffers can usually catch at least some of the initial login - normally a host name or user name is passed unencrypted as part of the setup - but any actual mail traffic will be indistinguishable from any other traffic; it is encapsulation of IP packets in an outer encrypted wrapper. similar statements can usually be made for Zeb, SSH and other similar tunnels - each encapsulates a low level (almost raw in the case of strict tunnels like zeb or ssh) packet passing tunnel in a crypto skin.
