Friday, November 28, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Sony's New E-Paper FES Watch Appears Online
Amazon Releases Deals of the Year on Cyber Monday
Germany To Get Secure Phones By BlackBerry
Xbox And Playstation Black Friday Deals
Toshiba Launches ARM-Based Application Processors with Sound, Image Data-Mining and Security Functions
Pioneer To Release The BDR-XU03JM Portable Blu-ray Drive For Macs
Syrian Electronic Army targets CNBC, Telegraph, Independent, PCWorld
GoPro Camera Drones In The Works: report
Active Discussions
Hi All!
cdrw trouble
CDR for car Sat Nav
DVD/DL for Optiarc 7191S at 8X
Copied dvd's say blank in computer only
Made video, won't play back easily
New Features In Firefox 33
updated tests for dvd and cd burners
 Home > News > General Computing > Critica...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, May 13, 2005
Critical flaws found in IPsec protocols


Flawed cryptography is leaving people using IPsec security protocols vulnerable to hacking, according to the UK's National Infrastructure Security Coordination Centre (NISCC).

The organisation has released an advisory about the discovery of three key flaws in the Encapsulating Security Payload (ESP) that provides base-level encryption of data, typically travelling though virtual private networks.

"An attacker could modify sections of the IPsec packet, causing either the cleartext inner packet to be redirected or a network host to generate an error message," warned NISCC.

"In the latter case, these errors are relayed via the Internet Control Message Protocol. Because of the Protocol's design, these messages directly reveal segments of the header and payload of the inner datagram in cleartext.

"The attacks have been implemented and demonstrated to work under realistic conditions."

The organisation rates the flaws as 'highly critical' and added that the Authentication Header protocols that guarantee the authenticity of data packets are also vulnerable.

The advisory provides three ways to work around the problem, including reconfiguring the ESP system and using Authentication Header and ESP simultaneously to defeat eavesdroppers.


Previous
Next
Sprint Offers 2-Megapixel Camera Phone By Samsung        All News        DRAM makers expect new Intel chipsets to accelerate DDR2 adoption
Microsoft to slim down Windows XP for older PCs     General Computing News      Mr Lawrence Chang of Kingmax at CDRinfo

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .