Follow DFM on Twitter
DFMag:
Samsung Galaxy S4 'Secure boot feature' subverted by security expert: http://t.co/RwTS6T2rhg
DFMag:
3 months on - Mandiant and APT1: http://t.co/GjRINwkwue
DFMag:
Twitter now supports two factor authentication: http://t.co/v9qSi5mCXh
DFMag:
The Aurora attack was attempting to gain access to Google surveillance list http://t.co/F53dlRz3R1 A worrying turn of events
Advertisements
Advertisements
Cracking MS-CHAP2
Thursday, 01 November 2012 17:06
Cracking MS-CHAP2 - How Secure Is Your VPN?
MS-CHAP2 is network authentication protocol, designed by Microsoft way back in the days of NT 4.0. In fact, it is still happily working away in the background of some well-known systems such as PPTP VPN’s and WPA2 Enterprise based networks using radius for authentication. It’s been long standing knowledge the protocol has a number of fl aws, however said fl aws were often overlooked and made to appear slightly irrelevant if your password was complex enough; until a few months back when one researcher set out to change that, during this article we will be taking a closer look at some of the key fi ndings presented at this year’s BlackHat conference around the subject of cracking CHAP2 once and for all.
Up until a few months ago IT administrators around the world were safe in the knowledge that their VPNs and WPA2 enterprise based wireless networks were safe, secure and based around a long standing authentication protocol named MS-CHAP2, dreamt up by Microsoft in the earliest days of NT 4.0 and fi nally implemented as a service in the service pack 4 update.
Find out more - subscribe to DFM today and read the full article. Or if you're a subscriber, login and read the article online.
