Re: Security problem in PPPoE connection

• From: Joe Shen
• Date: Mon Mar 13 02:20:45 2006

• Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.sg; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=epTu3kWwC7VpOcTdW/6586MF0H0ldaQ3IvdEhs6Wx5T8l4svFJyXG/MDgS+W4ljkytFDY3nJKzuSOtSZo+qneqVzKQGpHet9zxAL5+3ro1H0FGW4++q5+Sc01jeBlORpe4diTuOD37dlV8FsApyUmwgMteO8zOWaRzDfFXjs00Y= ;

> >What's your method to deal with such problem? Will
> CHAP in PPPoE help?
> 
> That may help against password sniffing but won't
> help against sniffing 
> traffic by an active attacker once the session has
> been established.  
> Also, you'll have to revisit all CPE to explicitly
> disable PAP, or an 
> active attacker could still steal the password if he
> impersonates the 
> real PPPoE server.

If we enable CHAP on BRAS, is it enough that asking
subscriber to enable Chap on MS-windows dial
connection or Linux ?  Need we install some other
tools? 

Regards

Joe 

 



	
	
		
__________________________________ 
Do you Yahoo!? 
New and Improved Yahoo! Mail - 1GB free storage! 
http://sg.whatsnew.mail.yahoo.com

• Follow-Ups:
  • Re: Security problem in PPPoE connection Sean Donelan

• References:
  • Re: Security problem in PPPoE connection Niels Bakker

• Prev by Date: Re: Security problem in PPPoE connection
• Next by Date: Need remote hands in Marin (San Rafael, CA)
• Date Index
• Thread Index
• Author Index
• Historical