Tuesday, July 29, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
China Starts Anti-monopoly Investigation For Microsoft
Apple's MacBook Pros Now Come With Faster processors And More Memory
Rhapsody Now Has 2 million Subscribers
LG Starts Selling Its 105-Inch Curved UHDTV
Motorola Said To Make Google's Next Phablet
Apple-Beats Deal Cleared By Europe
New Ultrastar SAS Solid-state Drives Offer Up To 1.6TB Capacities
PNY Releases Coin Sized Micro M2 Flash Drive
Active Discussions
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
IBM supercharges Power servers with graphics chips
Werner Vogels: four cloud computing trends for 2014
Video editing software.
 Home > News > General Computing > Critica...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, May 13, 2005
Critical flaws found in IPsec protocols


Flawed cryptography is leaving people using IPsec security protocols vulnerable to hacking, according to the UK's National Infrastructure Security Coordination Centre (NISCC).

The organisation has released an advisory about the discovery of three key flaws in the Encapsulating Security Payload (ESP) that provides base-level encryption of data, typically travelling though virtual private networks.

"An attacker could modify sections of the IPsec packet, causing either the cleartext inner packet to be redirected or a network host to generate an error message," warned NISCC.

"In the latter case, these errors are relayed via the Internet Control Message Protocol. Because of the Protocol's design, these messages directly reveal segments of the header and payload of the inner datagram in cleartext.

"The attacks have been implemented and demonstrated to work under realistic conditions."

The organisation rates the flaws as 'highly critical' and added that the Authentication Header protocols that guarantee the authenticity of data packets are also vulnerable.

The advisory provides three ways to work around the problem, including reconfiguring the ESP system and using Authentication Header and ESP simultaneously to defeat eavesdroppers.


Previous
Next
Sprint Offers 2-Megapixel Camera Phone By Samsung        All News        DRAM makers expect new Intel chipsets to accelerate DDR2 adoption
Microsoft to slim down Windows XP for older PCs     General Computing News      Mr Lawrence Chang of Kingmax at CDRinfo

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .