IPSec Security Concepts

IPSec technology secures internet protocol communication by encrypting every IP packet. Lack of security measures subjects a user’s data to attacks which IPSec serves to protect against. Certain attacks are passive and only involve monitoring of information while others are active and information is always altered to destroy or corrupt it. IPSec protects against attacks like eavesdropping, data modification and IP address spoofing.

With eavesdropping, an attacker can access the data paths in the network, monitor the traffic and read the data. This is because most of the network communications occurs in an unencrypted format thus allowing easy interpretation.  Snooping is the term used to refer to the act of eavesdropping. It should be noted that lack of strong encryption usually leads to the information in a network to be read easily.

Data modification follows after an attacker has read the information. This usually happens without the sender or receiver of the information having any clue.  Modification of data even if it is not confidential has a lot of implication since the receiver would receive a completely different message.

IP address spoofing involves falsely using an IP address. A majority of operating systems and networks usually employ the IP address to detect the validity of a computer on a network.  An attacker might incorporate special programs in constructing IP packets that would appear to be from valid addresses inside an organization intranet.

Another common attack is the compromised key attack. This involves using a secret code to validate, encrypt or decrypt protected information. Acquiring a key is usually hard and takes a lot of time but when it is determined; it is called a compromised key. The attacker can easily access information without any party knowing after acquiring the key.

The most dangerous attack to a corporate communication infrastructure is the eavesdropping attack. This is because an attacker would be able to read all the communications whether confidential or not. It also leads to data modification since information is usually modified after being interpreted.