HP-UX Reference (11i v2 03/08) - 4 File Formats (vol 8)

ppp.Keys(4)
003C00F001C007
1E007800E00380
E1FF87FF1FFC7F
FFC3FF0FFE3FF8
SECURITY CONCERNS
The keys file should be mode 600 or 400, and owned by root.
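
The rule above can be audited with a short POSIX shell function. This is an added example, not part of the original manual page: the function name check_keys_file, its optional owner-uid argument, and the path passed to it are assumptions, since the keys file location is not stated in this section.

```shell
#!/bin/sh
# Added example: audit a PPP keys file against the rule in SECURITY CONCERNS
# (mode 600 or 400, owned by root). Uses only POSIX ls/cut/awk so it does not
# depend on a stat(1) command being installed.

# check_keys_file PATH [UID]   (hypothetical helper)
#   PATH  keys file to audit (supplied by the caller; not taken from this page)
#   UID   numeric owner to require; defaults to 0 (root)
# Prints one line per finding and returns 0 only when there are none.
check_keys_file() {
    kf_path=$1
    kf_uid=${2:-0}
    kf_rc=0

    if [ ! -e "$kf_path" ] && [ ! -h "$kf_path" ]; then
        echo "FAIL: $kf_path does not exist"
        return 2
    fi

    # -d: list the entry itself, -n: numeric uid/gid, --: end of options.
    kf_line=$(ls -ldn -- "$kf_path") || return 2
    # First 10 characters are type + permission bits; an ACL marker may follow.
    kf_mode=$(printf '%s\n' "$kf_line" | cut -c1-10)
    kf_owner=$(printf '%s\n' "$kf_line" | awk '{print $3}')

    case $kf_mode in
        -rw-------|-r--------) ;;   # mode 600 or 400 on a regular file
        -*) echo "FAIL: $kf_path has mode $kf_mode, want -rw------- or -r--------"
            kf_rc=1 ;;
        *)  echo "FAIL: $kf_path is not a regular file ($kf_mode)"
            kf_rc=1 ;;              # symlink, directory, device, ...
    esac

    if [ "$kf_owner" != "$kf_uid" ]; then
        echo "FAIL: $kf_path is owned by uid $kf_owner, want uid $kf_uid"
        kf_rc=1
    fi

    [ "$kf_rc" -eq 0 ] && echo "OK: $kf_path"
    return "$kf_rc"
}
```

A symbolic link is reported as a failure even when its target is correctly protected, because the check reads the link entry itself rather than following it.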
The IP headers of packets are not encrypted, though their TCP, UDP, or ICMP headers are encrypted along
with the user data portion. This allows encrypted packets to traverse normal internetworks, but permits
snoopers to analyze traffic by its endpoints.
Since the TCP, UDP, or ICMP header is encrypted, protocol-based filters along the packet’s path will be
unable to discern whether it is SMTP, Telnet, or any other network service. This means that encrypted
traffic will only permeate packet-filtering firewalls if the firewall allows all traffic between the endpoints,
regardless of traffic type. HP PPP/SLIP software for HP-UX systems, when deployed as the endpoint
gateways of the encrypted traffic, decrypts incoming encrypted traffic before applying its configured
packet filtering rules.
AUTHOR
ppp.Keys was developed by Progressive Systems.
SEE ALSO
ppp.Auth(4), ppp.Devices(4), ppp.Dialers(4), ppp.Filter(4), ppp.Systems(4), pppd(1), RFC 792, RFC 1548,
RFC 1332, RFC 1334.
HP-UX 11i Version 2: August 2003 2 Hewlett-Packard Company Section 4249