Linux w/ SBC DSL
Monty J. Harder
lists at kc.rr.com
Mon Jul 15 02:50:37 CDT 2002

"Gerald Combs" <gerald at ethereal.com> wrote:
> It makes me physically ill to come out in defense of SBC, but if you're
> authenticating PPP (including PPPoE), you have three choices:
>
>   - Use PAP.  Passwords are sent in the clear, but can be encrypted on
>     the server.
>
>   - Use CHAP.  Passwords are encrypted using a one-way hash.  They must be
>     stored in clear text on the client and server.

  Yuck.  I'm glad I get to use RoadRunner.  I suppose it stands to reason -
PPP is designed to run over a serial line, a lot less likely to be sniffed
than Ethernet.  But it's still bad from a security standpoint.

>   - Use some proprietary/mangled version of CHAP, such as MS-CHAP
>     or whatever crap someone (Shiva?) came up with a while back.

  And so is security through obscurity.  I guess it's asking too much to
expect some form of Public Key scheme be used.
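
The PAP/CHAP trade-off listed in the quoted message, as an added example that is not part of the original post: it computes the RFC 1994 CHAP-MD5 response and shows why a CHAP server needs the secret itself while a PAP server can keep only a hash. The function names, the sample values and the PBKDF2 storage scheme on the PAP side are assumptions made for illustration.

```python
import hashlib
import hmac


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994 CHAP with MD5: hash over identifier octet, shared secret, challenge.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(identifier: int, server_copy: bytes, challenge: bytes,
                response: bytes) -> bool:
    # The server recomputes the same hash, so server_copy must be the secret itself.
    expected = chap_response(identifier, server_copy, challenge)
    return hmac.compare_digest(expected, response)


def pap_hash(password: bytes, salt: bytes) -> bytes:
    # Assumed storage scheme for the PAP server: salted PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)


def pap_verify(wire_password: bytes, salt: bytes, stored_hash: bytes) -> bool:
    # PAP delivers the password itself, so the server can hash it and compare.
    return hmac.compare_digest(pap_hash(wire_password, salt), stored_hash)


def compare_pap_and_chap() -> dict:
    # Constructed sample values, not taken from any real account.
    password = b"constructed-example-password"
    salt = bytes(range(16))
    challenge_1 = bytes(range(16, 32))
    challenge_2 = bytes(range(32, 48))

    stored_hash = pap_hash(password, salt)   # all a PAP server has to keep
    pap_wire = password                      # PAP puts the password on the link
    response = chap_response(1, password, challenge_1)
    chap_wire = challenge_1 + response       # what a sniffer sees with CHAP

    return {
        "pap_password_on_wire": password in pap_wire,
        "pap_hashed_store_works": pap_verify(pap_wire, salt, stored_hash),
        "chap_password_on_wire": password in chap_wire,
        "chap_plaintext_store_works": chap_verify(1, password, challenge_1, response),
        "chap_hashed_store_works": chap_verify(1, stored_hash, challenge_1, response),
        "chap_replay_works": chap_verify(2, password, challenge_2, response),
    }


if __name__ == "__main__":
    for name, value in compare_pap_and_chap().items():
        print(f"{name}: {value}")
```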
    
    