Attack description |
Attack Name |
Counter |
A sniffer is an application or device that can monitor and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Microsoft Network Monitor is an example of a network sniffer. |
Sniffing |
IPSec defeats sniffer attacks by encrypting the data, thus making it appear as garbage to the network sniffer. |
The attacker could modify a message in transit and send counterfeit data, which could prevent the receiver from getting the correct information or could allow the attacker to get secure information. |
Data modification |
IPSec prevents data from being modified in transit by creating a cryptographic checksum at the time it is sent. If the data is modified during transit, the checksum becomes invalid and IPSec discards the packet. |
An attacker could use a stolen password or key, or attempt to break the password if it is a simple password. |
Passwords |
IPSec users sophisticated encryption algorithms that make it virtually impossible to obtain a key that would be able to decrypt a message. |
An attacker can use special programs to construct IP packets that appear to originate from valid addresses inside the trusted network. |
Address spoofing |
IPSec protects against spoofing by using digital signatures on messages, via a process of non-repudiation. |
This attack targets application servers by exploiting weaknesses in the server operating system and applications. |
Application layer |
IPSec does not protect against application layer attacks because the programs is with the network application.
However, application layer attacks can be minimized by allowing only authorized, authenticated users access to servers running such applications.
|
In this attack, someone between the two communicating computers actively monitors, captures, and controls
the data transparently. (For example, the attacker may reroute a data exchange)
|
Man-in-the-middle
|
IPSec protects from these attacks via non-repudiation and digital signatures that are added to IPSec
packets.
|
The goal of this attack is to prevent normal use of computers or network resources. For example, an attacker using this sort of attack might flood e-mail accounts with unsolicited messages. |
Denial-of-service |
IPSec does not protect against denial-of-service attacks. However, you can minimize denial-of-service attacks by allowing only trusted, authenticated users to access your important servers. |