1

Internet Key Exchange fails PCI Scan

view story
linux-howto

http://forums.cpanel.net – my pci scan showed up this as a problem and I would like some help in figuring out how to get it resolved. I cant seem to find anything in google about it. Description The remote Internet Key Exchange (IKE) version 1 service seems to support Aggressive Mode with Pre-Share key (PSK) authentication. Such configuration could allow an attacker to capture and crack the PSK of a VPN gateway and gain unauthorized access to private networks. Solution - Disable Aggressive Mode if supported. - Do not use Pre-Shared key for authentication if it's possible. - If using Pre-Shared key can (HowTos)