I hope everyone enjoys this episode. I didn't have time to bleep out a few curse words, so I apologize in advance.

Paul.com

ICMP Type 19 Code 0 (no code) is reserved for security.

Forgot to add that I found this info at:

http://en.hakin9.org/products/articleInfo/99

and

http://www.iana.org/assignments/icmp-parameters

Unrelated to this podcast, since I'm about to listen to it now, but since you guys are into wireless security, I wanted your take on this configuration:

If I set up an ipsec vpn gateway at home that implements PFS (session key perfect forward security), then connect to this network from a public wap, is my traffic safe from snooping? From the man pages for isakmpd.policy, I see the following description of PFS:

Alternatively, a new Diffie-Hellman computation may be performed, which
significantly slows down the exchange, but at the same time provides Per-
fect Forward Secrecy (PFS). Briefly, this means that even should an at-
tacker manage to break long-term keys used in other sessions (or, specif-
ically, if an attacker breaks the Diffie-Hellman exchange performed dur-
ing Main Mode), they will not be able to decrypt this traffic. Normally,
no PFS is provided (the key material used by the IPsec SAs established as
a result of this exchange will be derived from the key material of the
Main Mode exchange), allowing for a faster Quick Mode exchange (no public
key computations).

What protection does this offer to traffic, in regards to man in the middle attacks via wireless?

Thanks for your insight,
Axton Grams

First off, I have been looking for some really worth while podcasts and you guys are just that!

Keep up the good work!

Richard Burton
-Sr. Software Engineer