What is swIPe?
The swIPe IP Security Protocol (swIPe) is an experimental IP security protocol introduced in 1993. It operates at the Internet layer of the Internet protocol suite.
swIPe provides confidentiality, integrity, and authentication for network traffic, and can be used to secure both end-to-end and intermediate-hop communication. swIPe deals only with security mechanisms; policy and key management are handled outside the protocol. It works by augmenting each packet with a cryptographically strong authenticator and/or encrypting the data.
swIPe encapsulates each IP datagram to be secured inside a swIPe packet. A swIPe packet is an IP packet with protocol type 53. It starts with a header containing identifying information and authentication data. The header is followed by the original IP datagram, which is in turn followed by information used during security processing. Depending on the policy, the sensitive parts of the swIPe packet (the authentication data and the original IP datagram) can be encrypted.
A vulnerability was discovered in which Cisco routers and switches running IOS are susceptible to denial-of-service (DoS) attacks that involve the processing of packets with IP protocol 53.
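Because swIPe traffic is identified by the protocol field of the IP header, a defender can find it in captured traffic by looking for IPv4 datagrams carrying protocol number 53. The following is an added example, not code from the original page or from the swIPe project; the function names and the sample packets are constructed for illustration.

```python
import struct

SWIPE_PROTO = 53  # IP protocol number the page gives for swIPe


def parse_ipv4(packet: bytes):
    """Return (protocol, src, dst, payload), or None if the header is malformed."""
    if len(packet) < 20:
        return None
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if version != 4 or ihl < 20 or total_len < ihl or total_len > len(packet):
        return None
    src = ".".join(str(b) for b in packet[12:16])
    dst = ".".join(str(b) for b in packet[16:20])
    return packet[9], src, dst, packet[ihl:total_len]


def find_swipe(packets):
    """Return (index, src, dst, payload_len) for every protocol-53 datagram."""
    hits = []
    for i, raw in enumerate(packets):
        parsed = parse_ipv4(raw)
        if parsed and parsed[0] == SWIPE_PROTO:
            _, src, dst, payload = parsed
            hits.append((i, src, dst, len(payload)))
    return hits


def build_ipv4(proto, src, dst, payload):
    """Build a constructed sample datagram (checksum left at zero, not checked)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, bytes(src), bytes(dst))
    return header + payload


# Constructed sample traffic: TCP, protocol 53, UDP to port 53 (DNS), truncated
SAMPLE = [
    build_ipv4(6, [192, 0, 2, 1], [192, 0, 2, 2], b"tcp-segment"),
    build_ipv4(53, [192, 0, 2, 10], [198, 51, 100, 7], b"\x00" * 32),
    build_ipv4(17, [192, 0, 2, 1], [192, 0, 2, 2],
               struct.pack("!HHHH", 40000, 53, 8, 0)),
    b"\x45\x00\x00",
]

if __name__ == "__main__":
    for hit in find_swipe(SAMPLE):
        print("IP protocol 53 datagram:", hit)
```

The check matches the protocol field of the IP header, not UDP or TCP port 53 used by DNS, so the third sample packet is not reported.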