Exploiting known security holes in Microsoft's PPTP Authentication Extensions (MS-CHAPv2)

Jochen Eisinger

The implementation of the Point to Point Tunneling Protocol (PPTP) from Microsoft using MS-CHAPv2 and Microsoft Point to Point Encryption (mppe) is widely used to secure and control access to wireless networks. We show why the MS-CHAPv2 protocol is not suitable for user authentication in a heterogenous Unix network context.

back