Other Diversions

security

politics

religion

technology

news

friends

Science / Skepticism


Powered by MT Blogroll

Bookmooch!

Mooch/Give books at bookmooch.com

Current Reading List

Recently Read

Latest Music

Reading Queue

« Intel Hypterthreading leads to security bug | Juxtaposition Home | Penguins not on terrorist watch list »

IPSec ESP protocol flaw discovered

NISCC Vulnerability Advisory IPSEC - 004033

From what I have read on this, the flaw in ESP only will affect you if you are using ESP for confidentiality protection only (no integrity check in ESP) and are relying on other layers for integrity protection (e.g. AH or the application layer). I would never recommend you configure IPSec in this manner. Confidentiality protection without integrity protection in the same layer is not very useful IMHO. And it can be dangerous, as this flaw indicates.

Posted by on May 13, 2005 3:41 PM | |

TrackBack

TrackBack URL for this entry:
https://juxtaposition.axley.net/blog-bin/mt-tb.cgi/197

Post a comment

«« November 2007

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  
Contact: Jason Axley

Search Amazon:

Amazon Logo

Search


Tag cloud

Archives by Category

Archives

Recent Posts

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.34