See a description below from my good friend Larry Greenblatt:
Great video! Shocking to me to see how bad it still is. I first watched Van Hauser's IPv6 video “Attacking the IPv6 Protocol Suite” on Google videos in 06. That was so eye opening for me. To see this now, and realize that all these years later, I know of no one running IPSec transports!!! Only remote access tunnels. I call for an upgrade to RADIUS/Diameter that I call “Circumference”. Just as Kerberos can encrypt GSSAPI application access, I believe all LDAP authorizations should use IPSec transports. The hardest part of encryption is key management, and I think that better, RFC based open standard AAA servers can help here. Keep up the great work!