Gary Howland wrote: | Adam Shostack wrote: | > Loren James Rittle wrote: | > | >Most | > | >presumably use a mix of a UDP data connection and tcp for control | > | >functions. | > | | > | OK, everything after the IP header is encrypted. I don't even know | > | which protocol is in use. | > | > Are you willing to play Mallet? Drop IP packets, and look for | > duplicates. Those are TCP. (IPSEC might handle this, but I bet there | > will be broken implementations that save time by resending.) | | Are you saying UDP protocols don't retransmit un-acked packets? | If not, then you can't be sure the duplicates are TCP. Err, yes. Thats the point of UDP; its unreliable and has no acknowweldgement. "The User Datagram Protocol uses the underlying Internet Protocol to transport a message from one machine to another, and provides the same unreliable, connectionless datagram delivery semantics as IP." (Comer, 11.3) Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume