**** BEGIN LOGGING AT Mon Jul 8 22:50:20 2002
--> You are now talking on #bsrf
--- Topic for #bsrf is '.:: BlackSun Research
Facility (
http://blacksun.box.sk) ::. || Nothing illegal || Send in your BSRF
logos for the contest to Mikkkeee or AZTEK || email Simprix
(simprix@simprix.net) concerning lectures || lecture 07/08/02 at 11PM EST (4 am
GMT) on VPNS, by _Jonah_ || http://fusion.dyn.ee/bsrf2.gif
--- Topic for #bsrf set by AZTEK at Sun Jul 7 10:08:49
--- ChanServ gives channel operator status to simprix
<DigitalFallout> <---START LECTURE--->
<_Jonah_> VPN =
<_Jonah_> Virtual Private network
<_Jonah_> the concept behind it is really simple
<_Jonah_> although the implmentation is not
<_Jonah_> e.g a company has branches that are connected to a shared/public network
--> _bAss (ffffffffff@TCydwnX3BaI.a.004.syd.iprimus.net.au) has joined #bsrf
<_Jonah_> i.e. internet
<_Jonah_> and there some sorta data being transacted
<_Jonah_> b/w two branches on that shared network
<_Jonah_> the old days
<_Jonah_> way back early 90's :-p
<_Jonah_> if there was transactions being done on the shared network
<-- b0ttyburp (b0ttyburp@7cZDwowQs8M.blueyonder.co.uk) has left #bsrf
--> b0ttyburp (b0ttyburp@7cZDwowQs8M.blueyonder.co.uk) has joined #bsrf
<_Jonah_> there was no security meassure inplace on the physical data
<_Jonah_> soooo
<_Jonah_> happy hacker b0ttyburp was having a field day
<_Jonah_> then some genious
<_Jonah_> well actualy
<_Jonah_> encryption been around for ages
--> scaal (eat@VP4FadmQevg.vic.bigpond.net.au) has joined #bsrf
<_Jonah_> bleh
<_Jonah_> i forgot to mention
<_Jonah_> b/c that data was insecure
<_Jonah_> corporations leased lines
<_Jonah_> for telco co.
<_Jonah_> for point -to point
<_Jonah_> connections
<_Jonah_> that of course was extremely costly
<_Jonah_> then VPN came a long
<_Jonah_> what VPN does
<_Jonah_> is on that shared network
<_Jonah_> it creates a virtual private network ... hence VPN
<-- [PhaLanX] (phalanx@RPhz99t4THk.codetel.net.do) has left #bsrf
--> [PhaLanX] (phalanx@RPhz99t4THk.codetel.net.do) has joined #bsrf
<_Jonah_> by boaring a path between two entities
<-- Pike has quit ()
<_Jonah_> typically a Corp. Branch and a smaller branch
<-- Jason has quit (.:touchstone:.)
<_Jonah_> let me mention
<_Jonah_> what's really pushing this technology is
<_Jonah_> globalization
<_Jonah_> and multinational corp, that need to communicate
--> c0ld (c0ld@10LEG6SNXrg.chcgil2.dsl-verizon.net) has joined #bsrf
<_Jonah_> and would be physically impossible to drop a piece of fiber from USA to KOREA
<_Jonah_> and the fact that telecomuters need access to company resources that are secure
<_Jonah_> questions?
<_Jonah_> -m
<_Jonah_> well I'm sure you guys are smart enough to understand this so far
<_Jonah_> well
<linuxlogic> can VPN's be setup using any OS?
<_Jonah_> q's?
<hydeph> continue
<_bAss> this must be a lecture right
<_Jonah_> it is not OS dependant
linuxlogic LiquidCrystalDismay <hydeph> por favor
<_Jonah_> but i will get into that
<_bAss> =D
<_Jonah_> no more questions relative to what i just said?
<th0rn> hmm.... so are vpn's a whole other type of topology?
<_Jonah_> VPNs are a logical and Physical topology
<_Jonah_> i wil get into that
<th0rn> k
<_Jonah_> i think everyone is on the ball so far
<_Jonah_> there are 3 classes of VPNs
<th0rn> ya, i was jus wondering how they are layed out
<_Jonah_> A. Remote Dial in.....
<_Jonah_> those users will have a desire for co. resources on an infrequent bases
<_Jonah_> or are constantly changing physical locations
<_Jonah_> B. Always connected
<_Jonah_> connected
<_Jonah_> those are small branches, like a cellular store
<_Jonah_> or retail outless
<_Jonah_> or home telecommuters that need permanent access
<_Jonah_> ... sorry for my spelling
<_Jonah_> and lastly
<_Jonah_> C. The Extranet class
<_Jonah_> this is a newly defined class of the internet
<_Jonah_> essential
<_Jonah_> essentially
<_Jonah_> it is for large corp to communicate with each other
<_Jonah_> and transfer critical data over large geographic WANs
<_Jonah_> ok
<_Jonah_> there are a few fundamentals
<_Jonah_> that need to me taken heed of when deploying a VPN
<-- piksel has quit (Ping timeout: 180 seconds)
<simprix> ready to continue
<_Jonah_> What type of security will you employ, encryption type,, type of tunneling,, type of authen tication
<_Jonah_> B. What sorta QoS requirements will ur deploy
<_Jonah_> QoS quality of service...
<_Jonah_> some QoS techniques would be traffic shaping, packet prioritizing
<_Jonah_> packet queing
<_Jonah_> etc
<_Jonah_> and C. How will the VPN be manage
<_Jonah_> btw i have my lecture notes on ftp after this i'l put it up
<_Jonah_> AA. Security for VPN
<_Jonah_> (now i'm going to be referencing the those three fundamentals)
--> aphrael (aphrael@NTCS7oS6MSA.dialup.mindspring.com) has joined #bsrf
<_Jonah_> the VPN is like i already said connected across a shared network
<_Jonah_> i.e a tunnel
<_Jonah_> it is a Point-to-point connection
<_Jonah_> between two nodes
<_Jonah_> the first process of
<_Jonah_> initiating a VPN
<_Jonah_> connecting
--> guest284 (dick@k2UJmRwJyT2.64.5.220.O) has joined #bsrf
<_Jonah_> is the process called Tunnel Setup
<_Jonah_> this process involves authentication
<_Jonah_> typically MD5...(message digest 5)
<_Jonah_> triple A authentication ....
<_Jonah_> AAA- Authentication, authorization &accounting
<_Jonah_> thats based on radius and tacacs
<_Jonah_> and you can use radius and tacas
<_Jonah_> once the tunnel is established
<_Jonah_> encryption begins
<_Jonah_> the last part
<_Jonah_> of security for the vpn
<_Jonah_> is to include some type of data integrity checking
<_Jonah_> this is typically done by protocols like
<_Jonah_> IPsec/SAP which i will describe further in a bit
<_Jonah_> Beyond ensuring no other devices interact (i.e. happy hacker b0ttyburp)
<_Jonah_> packet integrity should be accounted for
<_Jonah_> using new headers
<_Jonah_> attentuation, and packet detriorzation should be tested
<_Jonah_> using ESP,AHA
<_Jonah_> SHA
<_Jonah_> AHA=algorithm hasing authentication
<_Jonah_> dont hoold me to it but i think that's it
<_Jonah_> and SHA secure hasing algorithm
<_Jonah_> algorithm
<_Jonah_> and lastly
<_Jonah_> lastly
<_Jonah_> there must be a firewall wall in place (i say must but it is not a required element)
--> piksel (none@ppqhKcCIihHc.oakland.cmc.net) has joined #bsrf
<_Jonah_> this fire wall can be either software,
<-- Ralph[a (Ralph@Ay7Xh0V8gbbw.gen.pacificcoast.net) has left #bsrf
--> Ralph (Ralph@Ay7Xh0V8gbbw.gen.pacificcoast.net) has joined #bsrf
<_Jonah_> packet filter like ipfw/ipf
<_Jonah_> or cisco pix
<_Jonah_> etc
<_Jonah_> lol
<_Jonah_> ok
<_Jonah_> now on to QoS..
<_Jonah_> well
<_Jonah_> actually questions?
<Ralph> no!
<Ralph> i guess not many could ask
<Ralph> with +m on
<_Jonah_> can you -m
<Ralph> no
<Ralph> i'm not an op
<Ralph> but you are
<_Jonah_> well i don't know how to do it
<_Jonah_> oh well
<_Jonah_> oh wells
<Ralph> hehe
<_Jonah_> ok
<Ralph> well, everyone!
<_Jonah_> well that was VPN security fundamentals
<Ralph> message _Jonah_ for questions
<_Jonah_> now i mentioned
<_Jonah_> ok
<_Jonah_> ok
<<Phaedrus> How is the encryption handled?
<_Jonah_> encryption i will get into
<_Jonah_> but
<hydeph> radius and tacas are what
<_Jonah_> there's different methods like DES,3DES,ipsec
<_Jonah_> etc
<_Jonah_> hydeph: those are authentication protocols
<_Jonah_> similar to MD5
<th0rn> wait, jonah, so a vpn is simply a p2p link between two shared networks? (jus need a confirmation)
<_Jonah_> exactly
<th0rn> k
<Phaedrus> (thought radius was a dialup user directory like X.400)
<Ralph> can i ask an off topic question?
<_Jonah_> hydeph: simply its the protocols used for authentication exchange...
<_Jonah_> sure
<hydeph> ok
<hydeph> got it
<Ralph> how do you eat gummy bears?
<_Jonah_> btw AAA is cisco proprietary
<_Jonah_> bite the heads off
<Ralph> ok
<Ralph> and then eat the rest?
<_Jonah_> of course
<Ralph> hm
<_Jonah_> those things are delicous
<th0rn> wait, so do p2p links between public networks or public and private networks have any special names?
<Ralph> i eat them differently
<Ralph> first, bite the head of
<_Jonah_> hmm
<_Jonah_> well
<_Jonah_> in the olden days
<Ralph> then grab them with your thumb and index finger
<_Jonah_> p2p was over uucp
<_Jonah_> or dial up
<Ralph> so your thumb points at their backs
<Ralph> and rip their back open with your thumb
<_Jonah_> like when you dial up to AOL ;-p its a direct connection to their server
<Phaedrus> (no it's not)
--> dminus01 (dminus0123@wYX39ukTdeI.ipt.aol.com) has joined #bsrf
<th0rn> heheh, unfortunately ;-p
<hydeph> ralph: you have to bite off their extremeities first
<_Jonah_> ok
<hydeph> the little nub feet and arms
<Ralph> hydeph, too small
<_Jonah_> so i shal continue with QoS
<hydeph> it takes skill
<Ralph> hm, possibly
--> _Trick- (Trickwitha@j5vFjKG7x6Y.ncl0103.ncl.iprimus.net.au) has joined #bsrf
<Ralph> i like back ripping more
<th0rn> so p2p links between other types of networks don't have any special names?
<b0ttyburp> pls carry on very good so far happyhacker approved grrrrrrr... nice1 DF for kicking asshole
--> Guest1021 (kf26t3a@mtdCfs6iqTg.eseenet.com) has joined #bsrf
<_Jonah_> they are callled p2p links
<DigitalFallout> lol
--> rpc (rpc@pph7OxP7b1uY.unholy.net) has joined #bsrf
<_Jonah_> vpn just imparts security over those p2p links
<_Jonah_> and the p2p in VPN is VIRTUAL
<_Jonah_> although the packets are sent through public network
--- rpc is now known as _rpc-
<_Jonah_> since ints encrypted its provides a virtual p2p
<_Jonah_> i hope that cleared that up for you
<_Jonah_> ok next QoS for VPNs
--> T]-[3_RiPP3R (Iooksharp3@1yisbvVaugQ.fibertel.com.ar) has joined #bsrf
<-- T]-[3_RiPP3R (Iooksharp3@1yisbvVaugQ.fibertel.com.ar) has left #bsrf
<_Jonah_> unlike regualr tcp/ip trans
<_Jonah_> you beat me
<_Jonah_> ;-p
<DigitalFallout> :)
--- Guest1021 is now known as kf26t3a
<_Jonah_> ulike regular tcp/ip transport
<_Jonah_> well lemme explain regular
<_Jonah_> you got a packet
<_Jonah_> suppose ur on DSL
<_Jonah_> and ur downloading something from yahoo
<_Jonah_> the data gets sent around the internet crossing routers
<_Jonah_> and that data is inspected at each router (each hop)
<_Jonah_> for data integrity
<_Jonah_> etc
<_Jonah_> well not every hop
<_Jonah_> but
<_Jonah_> nevertheless
<_Jonah_> its hard to ensure QoS in a VPN environment beacuse
<_Jonah_> i hope i'm not getting ahead of myself
<_Jonah_> but just take this in stride i will explain it later
<_Jonah_> on packet formation
<_Jonah_> btw
<_Jonah_> http://unixd.com:81/lecture/vpn1.gif
<_Jonah_> i put a graphic
<_Jonah_> of a vpn up on there
<_Jonah_> ok
<_Jonah_> i sure i gave you enough time to get it
<_Jonah_> well
<_Jonah_> QoS is imparted in a VPN
<-- hydeph has quit ()
<_Jonah_> by redesigning of the headers
<_Jonah_> since the headers are different in VPN compared to
<_Jonah_> those in regular TCP/IP transport
<_Jonah_> the intermediate
<_Jonah_> routers are unable to do the regular checksum test for integrity
<_Jonah_> so
<_Jonah_> the QoS is primarily done at both endpoint
<_Jonah_> endpoints
<_Jonah_> of the p2p connectok
<_Jonah_> connections
<_Jonah_> shit
<_Jonah_> connection
<_Jonah_> b/c the VPN Gateway has the software to diagnose those packest
<_Jonah_> other forms of QoS
<_Jonah_> is Packet prioritizing at the gateway
<-- _Trick- (Trickwitha@j5vFjKG7x6Y.ncl0103.ncl.iprimus.net.au) has left #bsrf
<_Jonah_> and traffic shaping
<_Jonah_> and weighted fair queing
<_Jonah_> all those ensure that packets get a fair chance or more important packets
<_Jonah_> get dominant transfport rights over the others
<-- dminus01 has quit (Ping timeout: 180 seconds)
<-- DigitalFallout has quit (Remote closed the connection)
<_Jonah_> so that time dependant data can arrive efficiently at the other endnode
<_Jonah_> i would also like to mention
--> Trick (Trickwitha@j5vFjKG7x6Y.ncl0103.ncl.iprimus.net.au) has joined #bsrf
<_Jonah_> QoS is very difficult to employ on dial up vpn users
<_Jonah_> mainly b/c
<_Jonah_> they are taking so many hops around the shared network
<_Jonah_> unlike typicially with branch users
<-- CHAOS has quit (Ping timeout: 180 seconds)
<_Jonah_> they connect to the same telco ISP
<_Jonah_> lastly
<_Jonah_> VPN management
<_Jonah_> is quite simple
<_Jonah_> the most effective way is via telnet/ssh, CLI editing
<_Jonah_> CLI=command line interface
<_Jonah_> also management can be done at the CA
<_Jonah_> the certificate authority server
<_Jonah_> something i will get into in a sec
<_Jonah_> also
<_Jonah_> also
<_Jonah_> it is important to keep in mind
<_Jonah_> client management for VPNs
<_Jonah_> selecting the appropriate routers for the job etc
<_Jonah_> ok
<_Jonah_> questions?
<Ralph> -m first
<phatal> why was this held here
<Ralph> haha!
<_rpc-> HEH
<th0rn> k, so lemme put all the info i've absorbed into a more accurate definition of a VPN... (tell me if this is correct or not) a VPN is a method of transport that provides security through encryption and packet header modification that implements a VIRTUAL p2p link between shared networks... correct?
<c0ld> lol
--- _rpc- is now known as rpc
<phatal> instead of #lecture?
<LiquidCrystalDismay> oh i wanted to see the rest :)
<th0rn> lol, that was some pretty nice ascii art ;-D
--> kf26t3a (kf26t3a@mtdCfs6iqTg.eseenet.com) has joined #bsrf
<th0rn> lol @ liquid
<_Jonah_> thorn yea
<th0rn> k, cool
<_Jonah_> my fingers are tired
<th0rn> heheh, i bet
<Phaedrus> How are the actual crypto bits handled? What protocols is it using? Aren't the packets encapsulated and not modified at header level?
<_Jonah_> i will get into that also
* Phaedrus ohs...sits tight
<_Jonah_> at the bit level for you :-D
Phaedrus phatal >phatal< they are always held here
* Phaedrus has an exam on this stuff in two days
<Pleb> _Jonah_, could you repeat that? I wasn't paying attention.
<Pleb> ;)
<_Jonah_> so lemme sip some whater
<rpc> hi phaedrus
<Phaedrus> hi
<_Jonah_> ok
<Pleb> lol
<th0rn> fuck, i need a more comfortable chair
<th0rn> :-\
<_Jonah_> next i'll begin to talk about VPN Architectures && Implementation
<_Jonah_> ithink we all
<_Jonah_> got an idea of how vpns work
<_Jonah_> and the fundamental concepts
<_Jonah_> i'll go into packet security etc
<_Jonah_> and how the step by step process of VPNs are set up
<_Jonah_> and taken down ,, (LOGICALLY of course)
--> _Acolyte- (a@9J3lMVShCog.tnt1.orange.au.da.uu.net) has joined #bsrf
<_Jonah_> there are a whole bunch of
<_Jonah_> architecture arrangements
<_Jonah_> for VPN implementation
<_Jonah_> like i said the most popular
<_Jonah_> are routers on the p2p
<_Jonah_> but
<_Jonah_> it can b client to router like in the wan-dial up user scenario
<_Jonah_> logically
<_Jonah_> its the encrypted tunnel connection on a shared network
<_Jonah_> the imediate benefit of a VPN is the tocal cost of ownership
<_Jonah_> instead of leasing lines for p2p connections
<_Jonah_> you have the free access of the (internet) or shared network
<_Jonah_> plus
<_Jonah_> the sexiest thing is
--> Mikkkeee (mike@yxlXiJEpTppc.150.108.234.O) has joined #bsrf
<_Jonah_> link failure is virtually eliminated
<_Jonah_> e.g. in the leased line scenario
<_Jonah_> if there's a cut
<_Jonah_> byebye network
<_Jonah_> however in the VPN, link failure is protected using routing protocols
<_Jonah_> like RIP,EIGRP.. etc
<_Jonah_> those protocols auto sense link failures and redirect traffic
<_Jonah_> ok
<_Jonah_> thers something called IPSsec
<_Jonah_> IPSec
<_Jonah_> (internet protocol security)
<_Jonah_> lemme attempt to make a diagram
<_Jonah_> a typical ip packet is designed like this
<_Jonah_> hmm
<-- _Acolyte- (a@9J3lMVShCog.tnt1.orange.au.da.uu.net) has left #bsrf
<_Jonah_> the packet is like a rectangle
<Mikkkeee> sup ppl
<_Jonah_> |header|data|
<_Jonah_> in the header
--> Acolyte (a@9J3lMVShCog.tnt1.orange.au.da.uu.net) has joined #bsrf
<_Jonah_> theres |destination ip|source ip|dest. port|source port|
<_Jonah_> followed by the data
<_Jonah_> what ipsec does
<_Jonah_> it encrypts the entire packet
<_Jonah_> before it gets sent out the VPN gateway
<_Jonah_> an dputs it in an entirely new packet
<_Jonah_> where - |new header|old packet|
<_Jonah_> the entire old packet is put in the data
<_Jonah_> section
<_Jonah_> including the oldheader...etc
<_Jonah_> take a second to grasp that concept
<-- Acolyte (a@9J3lMVShCog.tnt1.orange.au.da.uu.net) has left #bsrf
<_Jonah_> then when that new ipsec packet arrives at the end VPN gateway
<_Jonah_> it does the VPN Header checks from the IPSEC header
<_Jonah_> reforms the packet and redirects it on the private network
<_Jonah_> the IPSec core is located b/w layers 3(network layer) and layer 4(tcp/udp) layer
<_Jonah_> or the ipsec header/ESP (data body)
<_Jonah_> ESP = hmm
<_Jonah_> something Security Payload
<_Jonah_> i forget i'm sorry
<_Jonah_> so
<_Jonah_> to reinterate
<_Jonah_> the new IPsec packet
<_Jonah_> has the new AHA header followed bye the ESP body/data
<_Jonah_> ESP ensures packet encryption
<_Jonah_> while
<_Jonah_> the AHA... Authentication Hashing Algorithm
<_Jonah_> esures
<_Jonah_> packet delivery
<_Jonah_> there are two modes
<_Jonah_> for IPSec
<_Jonah_> tranparent
<_Jonah_> and Tunnel mode
<_Jonah_> Transparent btw is rarely ever used anymore
<_Jonah_> in trans. mode, only the data is encrypted
<_Jonah_> so remote routers located within the tunnel can implement QoS b/c they can read the header
<_Jonah_> in tunnel mode
<_Jonah_> the entire packet is encapsulated
<_Jonah_> and a new packet is created...
<_Jonah_> just as i describe above
<_Jonah_> now
<_Jonah_> when implementing VPN you may want to use trans. mode if you have a whole bunch of dial up users
<_Jonah_> b/c of all the hops their packets are going to take
--> Zomart (Zomart@y9ppfhSBLZ22.om.om.cox.net) has joined #bsrf
<_Jonah_> however the argument to not using it(which is the predominant one)
<_Jonah_> is that packet transport integrity is very high
--> Chris (melphies@VDSQtysxETo.ipt.aol.com) has joined #bsrf
<_Jonah_> so its a more secure soln. to use tunnel mode
<_Jonah_> thers another
<_Jonah_> VPN routing/packet protocol
<_Jonah_> and its GRE.... Generic Routing Encapsulation
<_Jonah_> ahh ESP ... Encapsulation Security Payload
<_Jonah_> GRE simply allows APpletalk and IPX/SPX packets to communication over a IP VPN backbone
<_Jonah_> ;-D
<_Jonah_> PPTP , point to point tunneling protocol is for Dial up users
<_Jonah_> ok
<_Jonah_> with all those in mind
<_Jonah_> we move on to something called
<-- aphrael has quit ()
<_Jonah_> Security Association
<_Jonah_> there are a whole bunch of encryption/decryption methods choices to employ
<_Jonah_> i.e. DES,AHA,SHA,MD5...etc
<_Jonah_> also
<_Jonah_> there are security keys related to each session
<_Jonah_> all this info is combined in statement of security policies
<_Jonah_> these statements have been negotiated by both endpoints of the VPN connection
<_Jonah_> btw its unidirectional
<-- piksel has quit (leaving)
<_Jonah_> each endpoin has there own SA...(Security Association)
<_Jonah_> ok
<_Jonah_> QUestions?
<Ralph> -m!
<_Jonah_> thnx
<LiquidCrystalDismay> isn't PPTP for windows, or some shit?
<rpc> few comments
<Ralph> have to do everything myself here!
<rpc> it's AH, not AHA and stands for Authentication Header
<rpc> the E in ESP stands for Encapsulating
<th0rn> so... i'm confused... when u mentioned how old packets are encrypted in the data portion of new packets sent, wouldn't that only apply when the nodes sending/receiving data over the VPN were in the middle of a 3 way handshake? (plz don't flame cuz i'm fairly new) But isn't that the only time one node would have to send an OLD packet (at the same time with the new packet) to the other (which would be a syn(old packet) and ack(new packet)?
<c0ld> PPTP is for Linux
<rpc> PPTP can be used over ethernet, not only dialup
<-- Trick (Trickwitha@j5vFjKG7x6Y.ncl0103.ncl.iprimus.net.au) has left #bsrf
<rpc> PPTP is a Microsoft protocol.
<_Jonah_> shit
<bloppy-ph33r> :/
<_Jonah_> PPTP&L2F make up L2TP
<c0ld> oh nevermind, there is a Linux PPTP client
<c0ld> my bad
<_Jonah_> so L2tp takes the protocol concepts from PPTP&L2F
<LiquidCrystalDismay> thank you :)
<Phaedrus> (where the ESP, of course, holds the authentication and crypto parameters of the the encrypted bits of the message)
<_Jonah_> and it is used in it
<_Jonah_> i believe i said AHA right
<_Jonah_> the first time
<Phaedrus> _Jonah_: As far as packet construction goes.....is VPN doing the encryption first, or the authentication first?
<b0ttyburp> exellent so far carry on... oh and i word from our sponsors:
<_Jonah_> well
--> firebit (breno@x13yh906r82.200.60.178.O) has joined #bsrf
<b0ttyburp> http://www.happyhacker.com <------ go here if you don't want to learn anything... Go here if you do ----> http://blacksun.box.sk/ irc.box.sk #bsrf or #neworder
<_Jonah_> Authentication is done first
<_Jonah_> then encapsualtion
<[PhaLanX]> b0ttyburp: nice way of advertising
<[PhaLanX]> =P
<th0rn> wait, so is the encryption of older packets only implemented during the middle of a 3 way handshake? i'm confused
<b0ttyburp> :O)
<th0rn> or is this used more often than i realize....
<rpc> there's also another subsystem of IPSec that you didn't cover: IKE
<_Jonah_> lol
<_Jonah_> i'm getting into INTERNET KEY EXCHANGE
<kf26t3a> OH LOL
<_Jonah_> any questions on what i just discussed
--> syme (syme@67PiI0RHbbdpp.dyn154.pacific.net.au) has joined #bsrf
<th0rn> jonah: u didn't answer my q yet... :-\
<linuxlogic> nope
<_Jonah_> i'm trying to build you guys up for the big blow of the entire processes
<[PhaLanX]> how many sections yet to coer?
<_Jonah_> 1/2 way done
<LiquidCrystalDismay> shit a 2 hour lecture
<[PhaLanX]> yeah
<b0ttyburp> cool
<_Jonah_> well i'm not going to even get into topology
<[PhaLanX]> i got a test tomorrow, im supposed to be sleeping
<_Jonah_> simprix: said i could do it another time
<th0rn> shit, i g2g.... :-(
<th0rn> later guys
<_Jonah_> should i continue to morrow
<-- th0rn has quit (It's a miracle! I'm actually getting off this damn thing!)
<Ralph> and full of AWESOME GOODNESS that u cnat find ANYWHERE BUT ON #BSRF!!
<Phaedrus> 3D Bi-directional folded torus topology?
<simprix> keep going
<linuxlogic> yes, tommorow!
<_Jonah_> well there will be a log
<b0ttyburp> i am loggin this too
<_Jonah_> plus a 2nd lecture
<_Jonah_> ok
<[PhaLanX]> noooooooo
<[PhaLanX]> finish up today
<Phaedrus> _Jonah_: as long as it takes place before Wednesday
* Phaedrus has his exam Wednesday
<[PhaLanX]> cutting a lecture screws up the flow
<b0ttyburp> VPN is aBIG thing
<_Jonah_> okie
<[PhaLanX]> thank you
<LiquidCrystalDismay> y do we always miss the porn?
<Pleb> nah, people like that screw up the flow..
<b0ttyburp> DAMM i did it in here titties
<Mikkkeee> lol
<_Jonah_> now I'm going to cover the basic type of encryption
<Mikkkeee> damn lamers
--> kf26t3a (kf26t3a@mtdCfs6iqTg.eseenet.com) has joined #bsrf
<Phaedrus> sweet encryption
<c0ld> lol
<_Jonah_> IPsec assumes SA already exists , SA is derived durring IKE
<_Jonah_> (internet Key exchange)
<-- Mikkkeee has kicked kf26t3a from #bsrf (out with your gay ascii)
--> kf26t3a (kf26t3a@mtdCfs6iqTg.eseenet.com) has joined #bsrf
<_Jonah_> lol
<_Jonah_> jobs of IKE are
<-- Mikkkeee has kicked kf26t3a from #bsrf (Mikkkeee)
<_Jonah_> -establishes a secure authenticated connected
<Mikkkeee> he doesn't deserve to watch this lecture
<_Jonah_> during IKE
<_Jonah_> heheh
<Ralph> you're banning ascii porn??
<_Jonah_> during IKE
<Ralph> wWTF?!@#$
<_Jonah_> during IKE
<-- syme (syme@67PiI0RHbbdpp.dyn154.pacific.net.au) has left #bsrf
<_Jonah_> the authentication method is decided
<_Jonah_> first
<Mikkkeee> when its -lecture its cool but when we are doing a lecture yup
<Ralph> :(((
<-- phatal has quit (Read error: 104 (Connection reset by peer))
<simprix> let _Jonah_ talk
<Ralph> i feel so dry all of the sudden
<_Jonah_> done//
<_Jonah_> ?
<Ralph> yes
<Ralph> go!
<_Jonah_> okie
<_Jonah_> in Preshared keys
<_Jonah_> each party has their own encryption key
Ralph r1c0 rpc <_Jonah_> already
>Ralph< be quiet
<_Jonah_> and the endnode do a calculation /hash value on the key
--> rek (rek4@r7VaTMC96iA.208.25.255.O) has joined #bsrf
--- ChanServ gives channel operator status to rek
<_Jonah_> and send it to their respective comunique
<_Jonah_> to verify they have the same key
<_Jonah_> in a public key situation
<Mikkkeee> sup rek
<rek> hey
<_Jonah_> one of hte keys are shared in a public fashion
<_Jonah_> typically on a CA, i.e. Verisign / Etrust
--> phatal (phatal@cppVKcnbbmJsQ.bhm.bellsouth.net) has joined #bsrf
<_Jonah_> ust remember the difference
<_Jonah_> b/w public and private
--> ldh1 (burrito@cxN67oGoRK2.64.146.135.O) has joined #bsrf
<_Jonah_> i will describe them in detail in a bit
<_Jonah_> now for a metaphor
<_Jonah_> that de4scribes the basics of encryption
<_Jonah_> i'm sure you are all familiar w/ Juilius Ceasar
<_Jonah_> well in those days you could only trust very few people
<_Jonah_> actually that holds some similarities with today
<_Jonah_> never the less
--> syme_ (syme@67PiI0RHbbdpp.dyn154.pacific.net.au) has joined #bsrf
<_Jonah_> he of course trusted some people
<_Jonah_> but when he wanted to communicate w/ them he sent them a message via a messenger
<_Jonah_> his correspondent
<_Jonah_> and he
<_Jonah_> both had a set agreement
<_Jonah_> on an encryption patter
<_Jonah_> i.e. every E would equal D and every C=B
<_Jonah_> only they knew the pattern
<_Jonah_> that relates to the private key scenario of already designated encryption rules
--> Xinu (Snak@bUim1zhHbb6I.dyn.optonline.net) has joined #bsrf
<_Jonah_> -----
<_Jonah_> plus
<_Jonah_> sorry
<_Jonah_> jackass messaging me
<_Jonah_> ok
<_Jonah_> ok
<_Jonah_> so
<_Jonah_> the above scenario is simply called
<Mikkkeee> damn mad ppl are awake for this lecture, lol
<_Jonah_> symetric encryption
--> PhrostByte (PhrostByte@RlNKlHrtD4k.socal.rr.com) has joined #bsrf
<_Jonah_> there is also
<_Jonah_> aysmetric encryption( w/o symetry)
<_Jonah_> which i will describe later
<_Jonah_> another term is cipher text , this is the data being encrypted
<_Jonah_> Encrytipon is the act of transforming clear text into cipher text
<_Jonah_> normally a key has to be provided along w/ the cipher textt
<_Jonah_> this is a simple formula those describles the encrytion processs
<-- PhrostByte (PhrostByte@RlNKlHrtD4k.socal.rr.com) has left #bsrf
--> PhrostByte (PhrostByte@RlNKlHrtD4k.socal.rr.com) has joined #bsrf
<_Jonah_> ciphertext= f (clear-text, K1)
>Mikkkeee< whats up
<_Jonah_> whereis f=algorithm,K=Key
<_Jonah_> so
<_Jonah_> suppose you had the word
<_Jonah_> fag
<_Jonah_> whoops
<_Jonah_> i should be PC
<_Jonah_> the word toy
<_Jonah_> toy =clear-text
<_Jonah_> algorithm will be add 3 letters to each letter
<_Jonah_> whoops
<_Jonah_> algorithm is addletters
<_Jonah_> while
<_Jonah_> the Key is add 3 letters
<_Jonah_> so
<-- linuxlogic has quit (Ping timeout: 180 seconds)
<_Jonah_> cipher= add-letters( toy , 3)
<_Jonah_> result would be
<_Jonah_> wrb= addletters( toy, 3)
<_Jonah_> and
<_Jonah_> decryption would do the oppositte
<_Jonah_> removeletters( wrb ,3) = toy
<_Jonah_> simple eh
<_Jonah_> ok
<_Jonah_> definition
<-- Phaedrus has quit (Read error: 104 (Connection reset by peer))
<_Jonah_> for decryption
<_Jonah_> is
--> Phaedrus (bar@PSBfMieMHWU.128.164.62.O) has joined #bsrf
<-- Zomart has quit ()
<_Jonah_> the process of taking the cipher text and translating it into clear text..... ( btw this requires a key also)
<_Jonah_> what i describe above
<_Jonah_> is a bloated ex. of symentic encrption
<-- syme_ has quit (Argh! Learn how to fucking spell or piss off and die.)
<_Jonah_> since there are 56 bit
<_Jonah_> bits
<_Jonah_> there are 2^56 possible keys
<_Jonah_> or
<_Jonah_> about 72x10^12 keys
<_Jonah_> MIT says
<_Jonah_> an average dude with 400 bucks would take 38 years to crack regular des encrption
<_Jonah_> however US Governemnt with 300million takes 12 seconds
<_Jonah_> so
<_Jonah_> an alternate DES was developped
<_Jonah_> where
<_Jonah_> the data is Encrypted with Key1 then decrypted with Key2 and reecrpted with Key1
<_Jonah_> thus make the totaol key size to 56x2
<_Jonah_> theres even another type of DES
--- Mikkkeee sets mode +R #bsrf
<_Jonah_> called 3des where 3 different Keys are involved
<Chris> --- Chris sets mode +R Chris
<_Jonah_> K1 encrypts, k2 decrpts,k3 encryps
<Chris> ;)
<_Jonah_> and the process is reversed on the decryption end
<_Jonah_> thers another type of encrption called Asymetric .. but i'll first take questions again
--- simprix sets mode -m #bsrf
<simprix> any questions
<_Jonah_> ha
<_Jonah_> i dont think anybody is listening
* Lunarcade stirs
<Mikkkeee> damn place is packed
<b0ttyburp> we are listening
--> SpiderMan (SpiderMan@NIZ2cxYsTpo.o1.com) has joined #bsrf
--- ChanServ gives channel operator status to SpiderMan
<simprix> im listening
<b0ttyburp> *we are
<snidx2> listening
<Mikkkeee> sup spider
<SpiderMan> hey
<LiquidCrystalDismay> watching
<simprix> you are just explaining ut very well
<b0ttyburp> i can say WE cos we have a royal family :O)
<Mikkkeee> ;)
* Phaedrus is more reading than anything
<b0ttyburp> simprix: ur correct
<_Jonah_> lemme just finish up then
<_Jonah_> wityh asymetric encryption
--- simprix sets mode +m #bsrf
<-- ldh1 has quit (Your explaining it horribly. I'm scarred for ever.)
--> [RaFa] (~none@bbmaCUCLI54Y.wantstofuck.us) has joined #bsrf
<_Jonah_> my fingers are terrible tired from typing
<Mikkkeee> sup rafa
<_Jonah_> Asymmetric involves a public and a private key
<_Jonah_> its typically used for authentication
<Mikkkeee> ;)
<_Jonah_> b/c of the high packet payload (due to a lot of keys) it doesnt provide an efficient method of data transport for time
<_Jonah_> critical data
<_Jonah_> this type is 3des
<_Jonah_> where 3 diff. keys are used
<_Jonah_> it relies on complex mathamatical algorithms that mainly depend on large prime numbers....
--> trinity (mec@sV6ppNXc5Bss.203.197.150.O) has joined #bsrf
<_Jonah_> the encryption processs is simliar in equation for tot that of symetric encryption
<_Jonah_> where
<-- phatal has quit (Ping timeout: 180 seconds)
<_Jonah_> Encryption = ciphertext= shift-right ( clear-text , 3)
<_Jonah_> but the
<_Jonah_> decryption uses a different relation similar to
<_Jonah_> decryptions = cleartext= shift-right (cipher-text, -3)
* Chris is away: brb
<_Jonah_> the relations ship between key 1 and key 2 is K1= (-1)K2
<_Jonah_> as with symmetric K1=k2
<_Jonah_> ok
<_Jonah_> now when deploying VPN
<_Jonah_> keep in mind
<_Jonah_> what sorta encryption algorithm you are going to impart in ur VPN
<_Jonah_> if you are on a slow WAN link
<_Jonah_> you probably want to limit ur asymetric encryption to just authentication
<_Jonah_> then transfer private keys for symetric encryption
<_Jonah_> however
--- Mikkkeee gives channel operator status to [RaFa]
<_Jonah_> well
<_Jonah_> one sec
--> phatal (phatal@Ta5W3Z8Rgg6.bhm.bellsouth.net) has joined #bsrf
<_Jonah_> my bad silly cat
--> bluhayz (bluhayz@fbbjxw4qW6zo.nv.nv.cox.net) has joined #bsrf
<_Jonah_> ok symetric is more efficient primarly b/c its smaller pay load
<_Jonah_> key size is small
--- Mikkkeee gives channel operator status to bluhayz
<_Jonah_> thus its more efficient for bulk transfers
<_Jonah_> and for slow wan links
<_Jonah_> Aysmetric is exacly the opposite
<_Jonah_> oh yea
<_Jonah_> CBC
<_Jonah_> outer-cipher block chaining is used in VPN packets
<_Jonah_> to input spoiler data in the packet
<_Jonah_> so that repetative data does become pattern encrypted
<_Jonah_> like someone is using a website
<-- snidx2 has quit ()
<_Jonah_> the pass is resent over and over each time they view anothe rpage in that secure domain
<_Jonah_> well thats it
<_Jonah_> :-D
<_Jonah_> i know i prolly went into encryption to much
--- simprix sets mode -m #bsrf
<bluhayz> it's over?
* b0ttyburp clap "" clap """ clap """ :O)
<_Jonah_> but its important for understanding the transfer of VPN data
<_Jonah_> hehe
<_Jonah_> if you wanna put it all together
<_Jonah_> you can
<_Jonah_> i'm so tired from typing
<Phaedrus> _Jonah_: Alright......how are symmetric keys transferred? Aren't most symmetric algotirhms alot more complex than assymetric?
<bluhayz> damnit.. I missed the whole thing!
<_Jonah_> Phaedrus: the opposite would be correct
<Mikkkeee> so did i, i only got to see half of it
<simprix> bluehayz it will be online
<Phaedrus> well....implementationally
<bluhayz> aight
<-- _bAss has quit (Ping timeout: 180 seconds)
<b0ttyburp> bluhayz & mikkkeee me got it all log
<simprix> i have the log
<Mikkkeee> ;)))))))))))
<bluhayz> cool cool
<simprix> that will be online
<bluhayz> email it to mikkkeee
<simprix> i will when i clean it up
<Xinu> b0ttyburp
<_Jonah_> i have an outline i made up
<bluhayz> ok
<rpc> Phaedrus is correct
<_Jonah_> you want it simprix?
<bluhayz> nodnod
<b0ttyburp> Xinu: hi d00d
<Xinu> lol hey
--> _bAss (ffffffffff@qljb82PjWFA.b.003.syd.iprimus.net.au) has joined #bsrf
<bluhayz> I want everything
<Phaedrus> e(m) = m^e mod p is a hell of alot easier than the complicated jungle of permutations and substitutions of DES
<Xinu> dont you feel cooler now that you know the meaning of life
<_bAss> is this crap over yet
>_Jonah_< dont worry about it, when will youu do implementation
<c0ld> lol
<c0ld> werd.
<_Jonah_> well asymmetric is more complex mathematically
<phatal> damn come on
<phatal> this really sucked
<c0ld> shit!
<-- simprix has kicked _bAss from #bsrf (simprix)
<rpc> not really
<rpc> its actually quite elegant
<_Jonah_> however symetric complexity is dependant on how many des passes is made
<phatal> um YEA right
<c0ld> this lecture suck nutz!
<-- simprix has kicked phatal from #bsrf (simprix)
<-- simprix has kicked c0ld from #bsrf (simprix)
--> phatal (phatal@Ta5W3Z8Rgg6.bhm.bellsouth.net) has joined #bsrf
<bluhayz> wtf is with all these losers?
<phatal> oh thats nice simprix
<Xinu> whoa
<rpc> Phaedrus basically typed the fundamentals of most public key algorithms
<rpc> modular exponentation
<Xinu> uhmmm atnNn does
<phatal> dude this damn channel was moderated for like an hour and a half
<phatal> thats just lame
<Xinu> is this a lecture right now?
--> Ka0ticSH (Ka0ticSH@6MVGs96CXVI.lsanca2.dsl-verizon.net) has joined #bsrf
<simprix> hey cold and phatal if you think it sucked then why dont youu do one
<rpc> (which is why asymmetric crypto is slower than symmetric, btw, due to the massive number crunching invovled with modular exponentation)
<Phaedrus> or superincreasing knapsacks, or the solving of discreet logs over a finite domain
--> c0ld (c0ld@10LEG6SNXrg.chcgil2.dsl-verizon.net) has joined #bsrf
<rpc> it doesn't have anything to do with the payload size
<c0ld> hmm
<simprix> phatal it was moterated because of a lecture
<-- st0ic has quit (i throw rocks at retard kids...[ www.fsix.net ])
<phatal> no shit man but I like to talk here, not listen so a bunch of shit
<phatal> I mean do them in #bsrflecture or something
<Phaedrus> yes.....the permutations and substitutions of DES (for example) are basically simple logical and mathematical operations....just alot of them
<bluhayz> lol.
<b0ttyburp> phatal: wipe ur mouth shit is dribbling out :O)
<rpc> also, you must use asymmetric algorithms to exchange symmetric keys, which i think phaedrus was getting at in his original comment
<c0ld> yea
<rpc> not just for authentication
<_Jonah_> i said that
<phatal> b0ttyburp: shut the fuck up d00d
<phatal> lol
<-- Chrome has quit (Ping timeout: 180 seconds)
<b0ttyburp> LOL :O) j/k
<Phaedrus> well, still didn't get into the exchange of symmetric keys
<_Jonah_> its hard typing as much as i did
<Phaedrus> (session keys)
<-- simprix has kicked phatal from #bsrf (simprix)
<_Jonah_> yea
--> phatal (phatal@Ta5W3Z8Rgg6.bhm.bellsouth.net) has joined #bsrf
<_Jonah_> i discussed how
<phatal> simprix whats your problem?
<Phaedrus> Diffie-Hellman?
<_Jonah_> the hash sum is calculated to verify the key
<LiquidCrystalDismay> have some democracy simprix let ppl voice their opinion
<rpc> ftp://ftp.isi.edu/in-notes/rfc2409.txt
<Phaedrus> but how does the key get there in the first place?
<rpc> is the RFC for IKE
<b0ttyburp> phatal: piece... it was a good lecture that is why... this channel need to be moderated to keep the flow :O)
<_Jonah_> well thats part of diffie=hellman
>LiquidCrystalDismay< they can do that but they need to be professional
<phatal> no they need a differant channel to do the lectures in
<bluhayz> no we don't
* Phaedrus must have missed that part when he moved
<_Jonah_> Http://www.ietf.org/html.charters/ipsec-charter.html thats info on ipsec
<bluhayz> we've always done the lectures in this channel
<bluhayz> we allways will do the lectures in this channel
<bluhayz> live with it and grow up
<simprix> i mean if someone things something was wrong they can put in their own two sence but in a serious matter
<rpc> ftp://ftp.isi.edu/in-notes/rfc2401.txt
<-- Ka0ticSH (Ka0ticSH@6MVGs96CXVI.lsanca2.dsl-verizon.net) has left #bsrf
<rpc> that is the original IPSec RFC
<rpc> most of the 2400's are ipsec related
--> W4R (f3333@RWZCEj7UWes.nv.iinet.net.au) has joined #bsrf
<b0ttyburp> rpc: thx for that :O)
<rpc> np
Phaedrus phatal phosphoric PhrostByte Phaedrus phatal <-- _Jonah_ has quit (Client Exiting)
<rpc> www.freeswan.org
<Phaedrus> um.....bye?
<rpc> is an IPSec implementation for Linux
>phatal< why dont you stop talking shit in #neworder
<rpc> and other unixes
<Phaedrus> TLS!!
<rpc> there is racoon for BSD
<rpc> which uses KAME i think
--> _Jonah_ (joejoe@Eih7dZ1ioi6.stmnca.adelphia.net) has joined #bsrf
<-- scaal has quit (Ping timeout: 180 seconds)
<rpc> no KAME is the ipv6 code
>phatal< CTCP VERSION
<rpc> i'm getting mixed up
<bluhayz> look
<bluhayz> grrr
<bluhayz> wrong window
--> _bAss (ffffffffff@qljb82PjWFA.b.003.syd.iprimus.net.au) has joined #bsrf
<rpc> no, i was right, KAME makes the raccoon IKE engine
<_bAss> ewww
<_bAss> im in bsrf
<-- _bAss (ffffffffff@qljb82PjWFA.b.003.syd.iprimus.net.au) has left #bsrf
<-- W4R (f3333@RWZCEj7UWes.nv.iinet.net.au) has left #bsrf
<_Jonah_> i'm so content reading what you guys type lol
<-- PhrostByte has quit ()
<bluhayz> well.. jonah.. even though I wasn't here for the lecture
<bluhayz> thanks for giving it
<rpc> vpnd is sort of a neat vpn for linux
<rpc> it's not ipsec
<rpc> but it supports some neato algorithms like twofish
* Ralph slaps SpiderMan around a bit with a large trout
<rpc> instead of 3des crap
* Ralph slaps SpiderMan around a bit with a large trout
<-- nitrate2k (e@ch.and.everyone.of.us.deserves.a.slice.of.cheez) has left #bsrf
<_Jonah_> ipsec is the public implementation of VPN
<Phaedrus> Bruce Schneier represent!!
<bluhayz> onefish twofish? redfish bluefish?
<_Jonah_> theres man different proprietary versions
<rpc> ipsec isn't an implementation
<rpc> it's a standard
<rpc> VPN is a theory
<b0ttyburp> yup ^^^^
<_Jonah_> the statndard is public no?
<c0ld> blowfish!
<rpc> rfc2401
<bluhayz> nofish?
<bluhayz> blowfish glowfish?
<c0ld> blowfish encryption!
<Phaedrus> serpent!
<c0ld> duh.
<bluhayz> lol
<b0ttyburp> IPsec is implement in windows, this was be4 they sort it out proper... humm just like bill@shit4brain.gates :O)
<rpc> IPsec is not for Windows.
<_Jonah_> anyways night guys
<rpc> there are IPSec implementations for Windows.
<b0ttyburp> it has got it?
<rpc> yes
<bluhayz> I think....
<bluhayz> I'm going to stick with networking basics
<b0ttyburp> LOL ^
* Phaedrus has an exam on this stuff in two days
<bluhayz> give me a crimper... give me a jack.. I'll show you... how to make cable... in a flash
<b0ttyburp> LOL ^
<rpc> white orange, orange, white green, blue, white blue, green, white brown, brown
* bluhayz is all about the routing basics.. like.. RIP and....
<b0ttyburp> twisted or sheilded.. its up to you give me the same and it will be pooh :O0
<bluhayz> lol
<bluhayz> anyways
<b0ttyburp> _Jonah_ when you said RIP thats a interoer routing protocol...?
<c0ld> <simprix> well VPNs use crypto
<c0ld> lol
<c0ld> duh.
<_Jonah_> no
<b0ttyburp> no?
<-- trinity has quit (Ping timeout: 180 seconds)
<_Jonah_> yea its interior
<c0ld> VPN do use encrption!
<c0ld> VPNs
<b0ttyburp> fheww me thought i'd lost it :O)
<bluhayz> they kind've have to don't they?
<Phaedrus> yeah....that's the 'virtual' and 'private' part
<Phaedrus> conceptually
<c0ld> yea
<b0ttyburp> Phaedrus: thx now i get it
<bluhayz> anyways
<bluhayz> I'm out to bed
<_Jonah_> so did you guys learn anything?
--- bluhayz is now known as bluhayz|bed
<_Jonah_> any critiques?
<b0ttyburp> i did very much so
<c0ld> _jonah_ you just did a lecture on VPNs and you said "no" when I said VPNs use crypto
<_Jonah_> how can i make the next one better.
<_Jonah_> ?
<b0ttyburp> yes ur a b4d spelller :O)
<_Jonah_> c0ld: VPN theory does
<_Jonah_> but the logical connection doesnt
<c0ld> WTF?
<Phaedrus> _Jonah_: Um...brush up on crypto....have your terms defined ahead of time....don't promise to explain things later
<c0ld> VPNs use crypto!
<_Jonah_> the p2p does
* Chris is back (gone 00:23:05)
<c0ld> p2p sux my nutz!
<_Jonah_> the p2p doesnt VPN does
<rpc> well
<_Jonah_> thats what i mean
* Phaedrus should give a lecture on crypto...
<rpc> technically speaking
<Chris> dude
<rpc> you can create a VPN using GRE
<rpc> and GRE doesn't use encryption
<Ralph> rpc should give a lecture on crypto...
<c0ld> Phaedurs plz do!
<Mikkkeee> yo someone set up a server
<Chris> if p2p sucks you'd be really disappointed
<bluhayz|bed> lol
<Mikkkeee> for a live hack lecture
<_Jonah_> rpc: i never said it does
<rpc> _jonah_: i know
<c0ld> Mikkkeee server for what>
<c0ld> ?
<Chris> Mikkkeee: we talked about this
<Mikkkeee> for a live hack lecture
<b0ttyburp> ^^^ ???
<c0ld> ok.
<rpc> IPIP also can be used to create crypto-less VPN's
<phatal> holy shit
<_Jonah_> Phaedrus: yea, well i dunno, i wanted to discus crypto but in the same token i didnt want the convo to get taken over by it
<_Jonah_> plus i only know the fudamentals of it
<phatal> b0ttyburp got the '^^^^^^"s goin again
<c0ld> irc.rewted.org #hack
<c0ld> there we go
<b0ttyburp> phatal: :O)
<_Jonah_> Phaedrus: i would love for you to give one
<Phaedrus> alright....then next time skip the part about the Caesearian cipher (which was actually a permutation cipher as you described it)
<Phaedrus> alright, we'll see about the crypto lecture....maybe in a week or two
Phaedrus phatal <Phaedrus> unless somebody else really wants to do it sooner
<LiquidCrystalDismay> i got a surprise
>Phaedrus< let me know
<_Jonah_> well i said there are essential two types symetric/asymetric
<LiquidCrystalDismay> phatal's gonna do a lecture everybody!!!
<c0ld> VPNs use encryption _Jonah_
<Mikkkeee> simprix fix the lecture and email it to me
<phatal> HELL NO
<rpc> c0ld:
<rpc> c0ld: i just gave you two examples that do'nt.
<c0ld> rpc:
<rpc> c0ld: GRE and IPIP
<_Jonah_> c0ld: U asked me earlier about p2p and i said no encryption for that
<rpc> create VPN's without encryption.
<rpc> pay attention.
<rpc> or shut the fuck up
<simprix> if anyone would like to do a lecture they can email me at simprix@simprix.net
<phatal> LCD is gonna do a lecture on how to be gay
<_Jonah_> anyone want my lecture outline
<LiquidCrystalDismay> can i also sign u upto spam porn?
<Chris> simpy who hosts you ?
<Chris> df ?
>Chris< what do you mean who hosts me
<-- Psyko has quit (Ping timeout: 180 seconds)
<Mikkkeee> lol
<simprix> what?
<LiquidCrystalDismay> thats easy i'd say just get a camcorder and follow phatal around for the day
<phatal> oh oh you think you are smart huh
<phatal> thats cute mr I live in NZ and I fuck male sheep in the asshole
<c0ld> lol
<-- Xinu (Snak@bUim1zhHbb6I.dyn.optonline.net) has left #bsrf
--> _bAss (ffffffffff@qljb82PjWFA.b.003.syd.iprimus.net.au) has joined #bsrf
* bluhayz|bed thinks everyone here is a bunch of weenies
<bluhayz|bed> :-p
<phatal> LOL
--- Phaedrus is now known as Phaedrus|Weenie
--- bluhayz|bed is now known as Bluhayz|IsLame
<-- [PhaLanX] has quit (Connection timed out)
<phatal> better to be a Weenie than to eat Weenies
--- Phaedrus|Weenie is now known as Phaedrus
<Bluhayz|IsLame> I'ma lame!
<simprix> im out
<LiquidCrystalDismay> LOL
<c0ld> lol
<phatal> later simprix
<c0ld> c ya sim
Phaedrus phatal <simprix> see ya phatal
<Bluhayz|IsLame> l00k 4t m3 t4lk in my 1337 h4x0r t4xt......
<simprix> see ya c0ld
<Bluhayz|IsLame> s33... I'm s0 l4m3
<phatal> oh shit he got da leet speek
<phatal> kill me now
<Phaedrus> alright....I'm going home
<Phaedrus> bye
<Bluhayz|IsLame> c-ya
<phatal> later phaed
<-- Phaedrus has quit (Client Exiting)
<bloppy-ph33r> :/
--- Bluhayz|IsLame is now known as Bluhayz|IsLame|bed
--> Psyko (PsykoDemun@2QT9ByBdekI.ipt.aol.com) has joined #bsrf
<bloppy-ph33r> jonah!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- Bluhayz|IsLame|bed is now known as Bluhayz|IsLame|Bed
<Bluhayz|IsLame|Bed> there we go
<Bluhayz|IsLame|Bed> the name says it all
<Bluhayz|IsLame|Bed> my name... what kind of guy I am... and where I am
<Bluhayz|IsLame|Bed> i use trojans
<Bluhayz|IsLame|Bed> don't wanna get my girl pregnant ya'know
<phatal> LCD |5 4 |_33T f4G455 \/\/|-|0 34T5 Tr3/\/\3nDous C0x
<b0ttyburp> ftp://80.192.156.123/read/ the lecture if any1 wants it?
--> MJ12 (new-web@7f3gSvYlKTQ.ipt.aol.com) has joined #bsrf
<_Jonah_> ipt.aol.com :-D
<Bluhayz|IsLame|Bed> hahahaha
<LiquidCrystalDismay> man thats pretty 1337 phatal
<simprix> funny isnt it
<Bluhayz|IsLame|Bed> I know Digital Fallout
<simprix> he isnt part of cDc
<Bluhayz|IsLame|Bed> btw.. where the fuck is he?
<-- SpiderMan (SpiderMan@NIZ2cxYsTpo.o1.com) has left #bsrf
<Bluhayz|IsLame|Bed> no he's not
<_bAss> i Is ElItZ0R!!!
<Bluhayz|IsLame|Bed> he's cooler than that
* Bluhayz|IsLame|Bed knows rek
<Bluhayz|IsLame|Bed> rekaerf
<Bluhayz|IsLame|Bed> lol
<c0ld> STFU
**** ENDING LOGGING AT Tue Jul 9 01:04:48 2002