Key flaw found in the Internet

By Derek Sooman on November 15, 2005, 2:14 PM
Seemingly, a security hole in a key security protocol used all over the Internet has been found by great minds at the University of Oulu in Finland. Boffins there claim that there is a flaw in the Internet Security Association and Key Management Protocol (ISAKMP) that could lead to a serious denial of service attack. ISAKMP is utilised in IPSec virtual private networking, as well as in several Internet products such as network and firewall devices from Cisco Systems and Juniper Networks. Given the wide scale of its usage, the problem is potentially huge.

The security hole was so serious that the Finnish results were jointly issued by the British National Infrastructure Security Co-ordination Centre and the Finnish CERT to give it some weight.
Cisco and Juniper have acknowledged that some of their products are at risk. Cisco said the security flaw could cause devices to reset which could cause a temporary denial-of-service attack.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.