On Mon, 2020-03-23 at 18:02 -0700, Daniel Lenski wrote:
> On Mon, Mar 23, 2020 at 4:43 PM dan.m...@gmail.com <dan.m...@gmail.com> wrote:
> > 
> > As much as I would like to share the capture, I'm not really sure I
> > have the liberty of sharing it? As there could be private information
> > contained within it. I know that makes this more difficult for me.

It should be easy enough to edit out usernames and passwords. Any
session key that is obtained through authorisation is going to be tied
to the life of that session so won't be useful any more.

Send it to Daniel and me in private if you prefer.

> One approach is to try to put together an anonymized document that
> describes the protocol abstractly, like I did here for GlobalProtect
> as I was studying it:
> https://github.com/dlenski/openconnect/blob/master/PAN_GlobalProtect_protocol_doc.md
> 
> The good news is that a lot of the information needed to add support
> for Cisco IPSEC is probably right there in the headers of the CSTP
> connection request/response which we already understand very well. Try
> connecting to your server with `openconnect --dump -vvvv`, and start
> looking for HTTP headers that mention IPSEC or ESP.
>
> It's all plain text at that point, so it should be quite
> straightforward to identify and obfuscate anything that may be
> sensitive (e.g. username, password, cookies, secret values).

Isn't this the IKE-based one that is partly supported by vpnc?
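
The anonymisation step suggested in the thread above, sketched as an added example (not part of the original messages and not openconnect code). It assumes the saved dump is plain text with an optional `> ` / `< ` direction prefix per line; the keyword list, the sample capture and the `X-Example-*` header names are constructed for illustration.

```python
import re

# Assumption: names containing these words carry credentials or session secrets.
SENSITIVE = re.compile(r"cookie|secret|passw|auth|token|session|username", re.I)
# Optional "> " / "< " direction prefix (assumed dump format), then "Name: value".
HEADER = re.compile(r"^(?P<pre>[<>] )?(?P<name>[A-Za-z0-9-]+): (?P<value>.*)$")
# name=value pairs, e.g. in a form body.
FIELD = re.compile(r"(?P<key>[A-Za-z0-9_.-]+)=(?P<val>[^&;\s]*)")
# IPSEC / ESP as whole words, so "response" does not count as "ESP".
INTERESTING = re.compile(r"(?<![A-Za-z])(IPSEC|ESP)(?![A-Za-z])", re.I)


def mask(value):
    """Replace a value with a marker that keeps only its length."""
    return f"<REDACTED:{len(value)}>"


def redact_line(line):
    m = HEADER.match(line)
    if m and SENSITIVE.search(m["name"]):
        # Sensitive header: drop the whole value, keep the header name.
        return f"{m['pre'] or ''}{m['name']}: {mask(m['value'])}"
    # Otherwise mask only the sensitive name=value fields on the line.
    return FIELD.sub(
        lambda f: f"{f['key']}={mask(f['val'])}" if SENSITIVE.search(f["key"]) else f[0],
        line,
    )


def redact_dump(text):
    return "\n".join(redact_line(line) for line in text.splitlines())


def interesting_headers(text):
    """Header lines that mention IPSEC or ESP, the ones worth reading first."""
    return [l for l in text.splitlines() if HEADER.match(l) and INTERESTING.search(l)]


# Constructed sample capture; the X-Example-* headers are hypothetical placeholders.
SAMPLE = """\
> POST / HTTP/1.1
> Host: vpn.example.com
> Cookie: webvpn=0123456789ABCDEF
username=alice&password=hunter2&group_list=staff
< HTTP/1.1 200 OK
< X-DTLS-Master-Secret: 00112233445566778899
< X-Example-IPSEC-Param: placeholder
< X-Example-Note: response received
"""

if __name__ == "__main__":
    print(redact_dump(SAMPLE))
    print(interesting_headers(SAMPLE))
```

Header names and value lengths survive redaction, so the protocol structure stays readable; hostnames and anything else site-specific still need a manual pass before the file is sent.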


_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
