Re: Re[2]: VPN question
On Monday 18 November 2002 22:56, Phillip Hofmeister wrote:
> On Mon, 18 Nov 2002 at 04:07:52PM +0100, robjeh@wanadoo.nl wrote:
> > Hi Patrick,
> >
> > You can use poptop, its possible to get higher encryption with mschapv2.
> > There is a kernel patch for mschapv2. And you must run pppd 2.4.1. With
> > this
>
> mschapv2 == unsecure. TONS of paprs on the net if you wish to read.
> Just type MSChapV2 Security on your favorite search engine.
>
> Regards,
Thank you. I think the weakness is due to the password-based authentication.
The attacker can use dictionary attack to pass the authentication,right?
How difficult it is to pass the MS-CHAPv2 with MPPE-128bit encryption by using
the dictionary attack? I mean, will it take a long time to pass the
authentication by dictionary attack?
BTW, is it reasonable to say that any VPN without PKI is insecure?
Another question is, is there any IPSEC-based VPDN solution?
--
Patrick Hsieh<pahud@ezplay.tv>
GnuPG Pubilc Key at http://www.ezplay.tv/~pahud/pahudatezplay.pubkey
MD5 checksum: b948362c94655b74b33e859d58b8de91
1024D/F3662014 9ADF 6E3F 68DE 8DF8 4A67 0B54 6608 BAA8 F366 2014
Reply to: