Wednesday, August 24, 2016
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Opera VPN App For Android Released
Microsoft Provides Glimpse Of 24-core Processor For HoloLens
Nvidia Unveils Parker, The Latest SOC For Autonomous Vehicles
Toshiba to Implement Eyefi Connected Features in Next FlashAir SD Cards
LG Unveils New Bluetooth Portable Speakers
Android 7.0 Nougat Released For Nexus Devices And LG V20
Sony To Launch Two New PS4 Models Next Month
Samsung To Announce Refurbished Smartphone Program
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Critica...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, May 13, 2005
Critical flaws found in IPsec protocols


Flawed cryptography is leaving people using IPsec security protocols vulnerable to hacking, according to the UK's National Infrastructure Security Coordination Centre (NISCC).

The organisation has released an advisory about the discovery of three key flaws in the Encapsulating Security Payload (ESP) that provides base-level encryption of data, typically travelling though virtual private networks.

"An attacker could modify sections of the IPsec packet, causing either the cleartext inner packet to be redirected or a network host to generate an error message," warned NISCC.

"In the latter case, these errors are relayed via the Internet Control Message Protocol. Because of the Protocol's design, these messages directly reveal segments of the header and payload of the inner datagram in cleartext.

"The attacks have been implemented and demonstrated to work under realistic conditions."

The organisation rates the flaws as 'highly critical' and added that the Authentication Header protocols that guarantee the authenticity of data packets are also vulnerable.

The advisory provides three ways to work around the problem, including reconfiguring the ESP system and using Authentication Header and ESP simultaneously to defeat eavesdroppers.


Previous
Next
Sprint Offers 2-Megapixel Camera Phone By Samsung        All News        DRAM makers expect new Intel chipsets to accelerate DDR2 adoption
Microsoft to slim down Windows XP for older PCs     General Computing News      Mr Lawrence Chang of Kingmax at CDRinfo

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2016 - All rights reserved -
Privacy policy - Contact Us .