November 18th, 2002, 11:50 AM
IPsec tunnel mode weaknesses!?
I am looking for information about IPsec weaknesses on the public-domain side of IPsec (black I/F).
I mean what action a malicious hacker might attempt in order to DoS an encrypted flow between 2 IPsec endpoints in tunnel mode.
My first idea was about the anti-replay function of the ESP header and its sliding window of 64 packets:
even if the content (packet ID) is sealed (authenticated), maybe a random algorithm could generate an appropriate seqID.
Any ideas, folks?
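
An added example, not part of the original post: a simplified model of the receiver-side processing order in the ESP specification (RFC 4303), where the 64-packet anti-replay window is checked first, the ICV is verified next, and the window is advanced only after the ICV passes. The key, the class and function names, and the HMAC-SHA256 ICV truncated to 16 bytes over only the sequence number and payload are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

WINDOW = 64  # anti-replay window size mentioned in the post

def seal(key, seq, payload):
    """Constructed ICV: truncated HMAC over sequence number + payload."""
    msg = struct.pack("!I", seq) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]

class EspReceiver:
    """Toy receiver: replay check, then ICV check, then window update."""
    def __init__(self, key):
        self.key = key
        self.top = 0      # highest sequence number that passed authentication
        self.bitmap = 0   # bit i set => sequence (top - i) already accepted

    def _replay_ok(self, seq):
        if seq == 0:
            return False
        if seq > self.top:
            return True   # ahead of the window: candidate, not yet trusted
        off = self.top - seq
        return off < WINDOW and not (self.bitmap >> off) & 1

    def receive(self, seq, payload, icv):
        if not self._replay_ok(seq):
            return "drop-replay"
        if not hmac.compare_digest(seal(self.key, seq, payload), icv):
            return "drop-auth"    # window state is left untouched
        if seq > self.top:        # authenticated: now slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)
        return "accept"

def demo():
    key = b"constructed-demo-key"   # sample key, constructed for this example
    rx = EspReceiver(key)
    out = [rx.receive(s, b"data", seal(key, s, b"data")) for s in (1, 2, 3)]
    out.append(rx.receive(5000, b"junk", b"\x00" * 16))        # unauthenticated seq
    out.append(rx.receive(4, b"data", seal(key, 4, b"data")))  # legitimate flow continues
    out.append(rx.receive(2, b"data", seal(key, 2, b"data")))  # genuine replay
    return out, rx.top

if __name__ == "__main__":
    print(demo())
```

In this model a packet with an arbitrary sequence number but no valid ICV is dropped at the authentication step and does not move the window, so the legitimate sequence 4 is still accepted afterwards.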