[pptp-server] How safe is Chap?

Frank Cusack fcusack at fcusack.com
Mon Jun 17 03:52:55 CDT 2002

On Sun, Jun 16, 2002 at 01:15:04PM +0200, Jurrie Overgoor wrote:
> I currently have a box set up to be vpn server. It doesn't support data
> encryption, and only chap is supported. Now I am worried about how safe my
> vpn is. Should I switch to MSCHAP v2? And data encryption? This will be a
> lot of work....

That depends on whether or not your data is sensitive enough to require
encryption.  If it is, you need it.  Without encryption, data is subject
to monitoring (and alteration).  It's not *that hard* to setup encryption.

Without encryption, pap/chap/mschap/mschap-v2 are all subject to attack.
If an attacker can monitor network traffic, pap is subject to sniffing.
If they can also inject traffic, chap/mschap/mschap-v2 allow an attacker
to login using a connected client as an oracle.  (They login to the server
as the user, and send the challenge from the server to the connected
client, replaying the answer.)

With encryption, you are still subject to attacks against weak passwords.

With a strong password and encryption, mschap-v2 is probably "good enough"
(your security needs can't be that much if you don't even know if you
need encryption).  mschap (v1) is pretty poor, don't use it.


More information about the pptp-server mailing list