
List:       pptpclient-devel
Subject:    Re: [pptp-devel] RE: [Poptop-server] authentication dictionary attacks
From:       James Cameron <james.cameron () hp ! com>
Date:       2005-01-19 21:55:58
Message-ID: 20050119215558.GC14638 () hp ! com

On Wed, Jan 19, 2005 at 02:07:27PM -0600, Stephen Leavitt wrote:
> However, if I read that article correctly, that's pretty much a moot
> point. If someone is able to packet sniff the authentication process of
> a PPTP connection, then ASLEAP can run its dictionary attack against
> the packet sniff until it cracks the password, then all it takes is one
> attempt against the server with the cracked password, [...]

Yes, that's right.  A dictionary attack without evidence that it is
being done, since the attack is against a copy of the packet held on the
attacker's equipment.

So I agree, detecting failed logins is not relevant.  A successful
attack will be a successful login.

The risk is increased if the PPTP server is on wireless, with many users
logging in ... each additional user increases the probability that an
attack will succeed, since it provides another set of packets to attack.

The article didn't mention brute force attack, and I'm wondering how
difficult that would be for an attacker, and whether there are tools
already to assist.

http://en.wikipedia.org/wiki/Brute_force_attack
http://en.wikipedia.org/wiki/Dictionary_attack

-- 
James Cameron                         http://quozl.netrek.org/
HP Open Source, Volunteer             http://opensource.hp.com/
PPTP Client Project, Release Engineer http://pptpclient.sourceforge.net/

