On Monday 18 November 2002 22:56, Phillip Hofmeister wrote: > On Mon, 18 Nov 2002 at 04:07:52PM +0100, [EMAIL PROTECTED] wrote: > > Hi Patrick, > > > > You can use poptop, its possible to get higher encryption with mschapv2. > > There is a kernel patch for mschapv2. And you must run pppd 2.4.1. With > > this > > mschapv2 == unsecure. TONS of paprs on the net if you wish to read. > Just type MSChapV2 Security on your favorite search engine. > > Regards,
Thank you. I think the weakness is due to the password-based authentication. The attacker can use dictionary attack to pass the authentication,right? How difficult it is to pass the MS-CHAPv2 with MPPE-128bit encryption by using the dictionary attack? I mean, will it take a long time to pass the authentication by dictionary attack? BTW, is it reasonable to say that any VPN without PKI is insecure? Another question is, is there any IPSEC-based VPDN solution? -- Patrick Hsieh<[EMAIL PROTECTED]> GnuPG Pubilc Key at http://www.ezplay.tv/~pahud/pahudatezplay.pubkey MD5 checksum: b948362c94655b74b33e859d58b8de91 1024D/F3662014 9ADF 6E3F 68DE 8DF8 4A67 0B54 6608 BAA8 F366 2014
