| Sales | 0208 045 4945 | 0800 458 4545 |
| Support | 0208 045 4944 | 0800 230 0032 |
| Sales | 0208 045 4945 | 0800 458 4545 |
| Support | 0208 045 4944 | 0800 230 0032 |
13 May 2005
Researchers warned this week that a security technology commonly used to connect remote workers to corporate networks has a flaw that could give hackers access to encrypted data.
Many companies use so-called virtual private networks to communicate confidentially using the public Internet. The virtual private network effectively creates a secure layer on top of the Internet, encrypting data sent over the Web.
But the National Infrastructure Security Coordination Centre said this week that certain configurations of an encryption protocol used to secure virtual private networks had a "high risk" flaw.
The vulnerable encryption is IPsec, which stands for IP Security and is a set of protocols developed to support the secure exchange of packets of data.
"If exploited, it is possible for an active attacker to obtain the plaintext version of the IPsec-protected communications using only moderate effort," NISCC said in an advisory on Monday posted on the Internet.
