[89394] in North American Network Operators' Group
RE: Security problem in PPPoE connection
daemon@ATHENA.MIT.EDU (Bora Akyol)
Mon Mar 13 14:17:08 2006
Date: Mon, 13 Mar 2006 11:16:25 -0800
From: "Bora Akyol" <bora@broadcom.com>
To: "Sean Donelan" <sean@donelan.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
Any info on percentages of users that use routers vs Windows boxes?=20
>=20
> Microsoft has some suggestions for configuring PPPOE for MS-Windows.
>=20
> http://www.microsoft.com/technet/prodtechnol/winxppro/maintain
> /pppoe.mspx
>=20
> A problem is many of your customers won't follow the=20
> directions, and may still be vulnerable to man-in-the-middle=20
> attacks for the login if they don't disable PAP. Because=20
> things will appear to work, i.e. Windows will use CHAP first=20
> and fallback to PAP, your customers may not notice when an=20
> attack does occur.
>=20
> Although PPPOE is a layer 2 protocol, the user data may be=20
> vulnerable to many of the same ethernet CAM table, denial of=20
> service and sniffing weaknesses even if the login credentials=20
> are kept secret with CHAP (or more advanced EAP options). =20
> PPPOE and PPP tend to assume the access networks are 1)=20
> "free" and 2) "secure." This may be constrained using=20
> point-to-point connections, but often require additional=20
> configuration of multi-access networks.
>=20
> The configuration details will vary by equipment vendor. But=20
> you should find some good information by doing a few web=20
> searches for metro ethernet security, private vlan, broadcast=20
> security.
>=20
>=20
