Slashdot Mirror


Opportunistic Encryption of IP traffic: FreeS/WAN 2.0

Russ Nelson writes "Since 1996, John Gilmore has dreamed of an Internet where all traffic between cooperating sites is encrypted. He has supported the FreeS/WAN project which uses IPSEC to encrypt IP traffic on an opportunistic encrypting basis. The team has released Linux FreeS/WAN 2.00, their first release optimized for Opportunistic Encryption (OE). After installation, ZERO host configuration is required for OE! A Linux box running 2.00 will encrypt all IP packets to other OE capable boxes whenever possible, provided you publish a key and IPsec gateway information in DNS." Nice.

6 of 153 comments

  1. Weakest link by gsliepen · Score: 5, Interesting

    A chain is as strong as its weakest link.
    This applies to cryptography as well.
    In the Opportunistic Encryption scenario, DNS is probably the weakest link. Spoof KEY records and you can launch a man-in-the-middle attack.

  2. Wireless applications? by i.r.id10t · Score: 4, Interesting

    I was wondering... would this have application for wireless, either between a workgroup bridge (like the Cisco one) or a single PCI/PCMCIA card and an AP or mesh of APs? Seems like it could be better than WEP, especially if it was just as easy to implement on a small-scale non-DNS-based solution (hosts file, SSID, hard-coded IP range, etc.)

    --
    Don't blame me, I voted for Kodos

  3. Pretty cool idea by VCAGuy · Score: 5, Interesting

    I think this idea of a "meta-SSL" is a really good one--not only can we encrypt the data stream, but also the headers. Of course, we'd still need to deal with session keys and the problem of "known response" attacks, but assuming we can fix that, this looks really promising.

    (And of course, it would be best if we could implement this on the hardware of the routers themselves, rather than rely on the OS...*cough* M$ *cough*).

    --
    Q: "Why do sound techs say 'check 1, 2'?"
    A: "Cause if they could count any higher they'd be lighting techs."

  4. This will never work by Anonymous Coward · Score: 4, Interesting

    Windows 2000 allows one to request IPsec security on all network traffic. All you have to do is flip a switch. I tried this when Windows 2k first came out - theoretically, my machine would send a packet to your machine requesting an IPsec connection, your machine responds (either with a "what are you talking about" or "sure, let's do IPsec!") and the connection either gets secured, or dropped back to normal communications. Within a month, I got approximately 20 calls including three notices from my ISP (UUNET) that I was engaging in hacking activity! It's great that some companies actually monitor their network, check their sniffers, and pay people to review the logs, but they should know what an IPsec packet looks like, or at least understand which ports it attempts to authorize over! There was even one company who, it ended up being discovered, was hacking me!

    Anyway, this will never work - there's too many clueless administrators out there who will think it's just someone attacking their core routers or overloading their DNS server, or something else equally inane, and they won't bother to check what the port really is.

  5. SpamStop by Bruha · Score: 4, Interesting

    Wonder if I could just tell my email server to only accept encrypted connections from trusted sources to stop spam. This would definitely work for separate corporate mailservers that need to connect to each other across the internet, eliminating the need to maintain them on a private network.

  6. Dumb ISPs by Gothmolly · Score: 4, Interesting

    Tell those ISPs to go fsck themselves.

    IPSec traffic OFTEN looks like "hack" attacks - weird, short packets, protocol 50 (and sometimes 51), streams of UDP 500, etc. Because it's all binary, it's more likely to trigger the "shellcode" sort of alerts. An IDS will see the binary stream "F00F" in your payloads and assume you're doing a DoS attack or something. Trust me, I know - I helped build the first version of Guardent's IDS solution.

    --
    I want to delete my account but Slashdot doesn't allow it.
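Comments 4 and 6 both turn on the same point: an IDS that does not recognise IPsec will feed opaque ESP ciphertext into byte-pattern (shellcode) rules and raise false alarms. The classifier below is an added example, not FreeS/WAN code or anything from the thread, showing the minimal header parsing a sensor needs to tag protocol 50 (ESP), protocol 51 (AH) and UDP 500 (IKE/ISAKMP) before content rules run; the sample packets are constructed inline with placeholder addresses and SPIs, and the IPv4 checksum is left at zero since it plays no part in the classification.

```python
import struct

ESP, AH, UDP = 50, 51, 17   # IANA IP protocol numbers
IKE_PORT = 500              # ISAKMP/IKE, the "UDP 500" streams from the comment

def classify_ipsec(pkt: bytes):
    """Return 'ESP', 'AH' or 'IKE' for IPsec-related IPv4 packets, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    proto, payload = pkt[9], pkt[ihl:]
    if proto == ESP and len(payload) >= 8:
        spi, _seq = struct.unpack("!II", payload[:8])
        return "ESP" if spi != 0 else None       # SPI 0 is reserved (RFC 4303)
    if proto == AH and len(payload) >= 12:
        ah_len = payload[1]                       # AH length in 32-bit words minus 2
        return "AH" if len(payload) >= (ah_len + 2) * 4 else None
    if proto == UDP and len(payload) >= 8 + 28:   # UDP header + ISAKMP header
        sport, dport = struct.unpack("!HH", payload[:4])
        if IKE_PORT in (sport, dport):
            ver = payload[8 + 17]                 # ISAKMP major/minor version byte
            return "IKE" if ver >> 4 in (1, 2) else None
    return None

def ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed IPv4 header (placeholder 192.0.2.x addresses, checksum 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload

OPAQUE = b"\xf0\x0f" * 8   # ciphertext-looking bytes that trip "F00F"-style rules
ESP_PKT = ipv4(ESP, struct.pack("!II", 0x1234ABCD, 1) + OPAQUE)
AH_PKT = ipv4(AH, struct.pack("!BBHII", 6, 4, 0, 0x100, 1) + b"\x00" * 12)
IKE_PKT = ipv4(UDP, struct.pack("!HHHH", IKE_PORT, IKE_PORT, 36, 0)
               + struct.pack("!8s8sBBBBII", b"\x01" * 8, b"\x00" * 8, 1, 0x10, 2, 0, 0, 28))
TCP_PKT = ipv4(6, struct.pack("!HHIIBBHHH", 1025, 80, 1, 0, 0x50, 0x18, 8192, 0, 0) + OPAQUE)

def triage(pkts):
    """IPsec packets get tagged by kind; everything else still goes to content rules."""
    return [classify_ipsec(p) or "inspect" for p in pkts]

if __name__ == "__main__":
    print(triage([ESP_PKT, AH_PKT, IKE_PKT, TCP_PKT]))  # ['ESP', 'AH', 'IKE', 'inspect']
```

The same "F00F" bytes sit in both ESP_PKT and TCP_PKT; only the TCP one should reach signature matching, which is the distinction the ISPs in the thread were missing.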