On Mon, Oct 02, 2006 at 03:28:15PM +0800, Lars Hansson wrote: > On Friday 29 September 2006 17:01, Joachim Schipper wrote: > > There also are some IP-over-DNS hacks available; take a look at them, if > > you want even more stealth. > > > > Also, IPsec might slip by some misconfigured firewalls. > > isakmpd has the -p option that sets the listening port.
Getting isakmpd out is most likely possible, and not necessary anyway; it's getting ESP or AH out that is the matter... Joachim