A set of standards for ensuring that communications delivered over the Internet Protocol (IP) networks are private as well as secure. This objective is completed using cryptographic services. The Microsoft Windows XP IPSec, for example, was developed using the standards of the Internet Engineering Task Force’s (IETF) IPSec working group. IPSec provides secure networking via end-to-end security (that is, from sender to receiver). In Windows XP, IPSec protects communications between LAN computers, branch offices, domain clients and servers, extranets, and roving clients. Furthermore, the IPSec protocol is supported on a variety of UNIX and Linux platforms.
According to the British-based National Infrastructure Security Coordination Centre (NISCC) in a statement released in May 2005, crackers could exploit a major flaw in IPSec framework to get the plaintext version of IPSec-protected communications with just moderate attempts.
Dickinson, P. High-Severity Vulnerability in IPSec. [Online, May 10, 2005.] Guardian Digital, Inc. Website. http://www.linuxsecurity.com/content/view/119089; Microsoft Corporation. Internet Protocol Security Defined. [Online, 2004.] Microsoft Corporation Website: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ sag_ipsec_ov1.mspx.