Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, May 12, 2005

Government warns of IPsec VPN flaw

The UK’s National Infrastructure Security Coordination Centre (NISCC) has issued a serious warning over the safety of IPsec virtual private networks (VPNs).

On its Web site, NISCC said a flaw in the IPsec VPN protocol could allow hackers to obtain a text version of encrypted communications with only “moderate effort”.

The flaw, which NISCC rated as ‘high risk’, makes it possible for an attacker to intercept IP packets travelling between two IPsec devices and modify the encapsulation security payload—- a sub-protocol that encrypts the data being transported.  This could ultimately expose this data to an unauthorised third party.

On its Web site, NISCC wrote: “By making careful modifications to selected portions of the payload of the outer packet, an attacker can effect controlled changes to the header of the inner (encrypted) packet…If these messages can be intercepted by an attacker, then plaintext data is revealed.”

NISCC has published a number of solutions to this issue.,39020375,39198102,00.htm

Posted on 05/12