[pptp-server] blank username/password works!?

Michael Walter walterm at Gliatech.com
Fri Mar 2 10:08:38 CST 2001


Is this issue specific to the samba integration?  I do not use samba
passwords and blank username/password does not allow access to our vpn.  

Software Versions:
Linux Kernel 2.2.16
PPP	2.3.11
PPTPD	1.0.0

Thanks,

Michael J. Walter
rhce mcdba mcse+i a+
Network Administrator
Gliatech, Inc.
23420 Commerce Park Rd.
Beachwood, Ohio 44122
Tel: (216) 831-3200
Email: walterm at gliatech.com 




-----Original Message-----
From: Justin Kreger [mailto:jkreger at avidsolutionsinc.com]
Sent: Friday, March 02, 2001 7:04 AM
To: 'Gill, Vern'; 'Andrew W. Davis'; pptp-server at lists.schulte.org
Subject: RE: [pptp-server] blank username/password works!?


How it could be fixed:

check the lenth of the username and the secret after getting the secret, if
both are NULL (they would have to be for MSChap/MSChapV2 to even think about
working), write lets say, write an 8 bit random number into the password
field, or the username field, this would kill MSChapV2, it would go through
the process, and fail with Failed Username or Password.

on the subject of such things, is anybody aware of any win2k
incompatabilites with pppd?

-----Original Message-----
From: Gill, Vern [mailto:vgill at technologist.com]
Sent: Friday, March 02, 2001 1:13 AM
To: 'Andrew W. Davis'; pptp-server at lists.schulte.org
Subject: RE: [pptp-server] blank username/password works!?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Holy Toledo Batman!!!! You are correct!!! I does not appear to be the
guest user, either. The log file reads mschap auth succeeded for user
<blank>


This is a SERIOUS problem that I was not previously aware of. Thank
you for pointing that out... Wow!!! In testing I found that if you
actually specify a USERNAME in chap-secs it will fail on a blank
user.
I.E.
/etc/ppp/chap-secrets;
user1	*       &/etc/samba/smbpasswd   *
user2 *       &/etc/samba/smbpasswd   *
user3 *       &/etc/samba/smbpasswd   *
etc
etc

But it still allows users who are IN the file to work, even if they
DON'T exist in smbpasswd.
I.E.
/etc/smbpasswd;
user1:XXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXX:[U          ]:LCT-XXXXXXXX:
user2:XXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXX:[U          ]:LCT-XXXXXXXX:

Users 1 2 AND 3 CAN LOGIN SUCCESFULLY!!!!!

This is REAL bad... Maybe this is something to seriously look at the
code for. Too bad I know NOTHING about coding. I would not be of ANY
assitance, but I would LOVE to hear if a "correction" is made to
this...


Thanks again for pointing this out....


- ---> Running to nearest computer terminal to secure his network
against intrusion

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOp85gBeamMdwy9TXEQLmUgCgksF290fkMVzt3P6l0GBfdYCZ+tAAniDo
WI3GQspdWQ3YoBhgXY/bPO2y
=/Gx7
-----END PGP SIGNATURE-----
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!



More information about the pptp-server mailing list