Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1792
Views
0
Helpful
1
Replies

IPsec and MITM

amin_sh77
Level 1
Level 1

‎01-08-2006 02:30 AM - edited ‎02-21-2020 02:11 PM

Hi All,

because always I was wonndering why the IPsec VPNs is vulnerable to the MITM, and we know thats the Ipsec hosts are authinticated and encrypted from the first steps,I want to ask how this attack will pentrate this resistant and anti proof technology? and in which stage it can compromise?and what keys in IPSec is the most vulnerable?

Thanks all

Labels:
0 Helpful
1 Reply 1

pradeepde
Level 5
Level 5

‎01-12-2006 08:39 AM

With Digital Certificates, the authentication is very strong and MITM attack possibility will be very less. Because the IPSec peers will not exchange any data before the authentication succeds.

IPSec and IKE has methods to expire and change the keys dynamically. Every key will have a time period over which it will be used and at the expiry, fresh keys are generated. This is to make sure that the data is more secure even if the old key is compromised by any means. Bye the time the old key is compromised, the IKE peers would have changed the keys already. The CPFS feature goes one step ahead and makes sure the new does not have any relation to the old key.

0 Helpful
Customers Also Viewed These Support Documents