Hosting Provided By

Re: Prevent security bypass

From: Chris Travers <chris(at)travelamericas.com>
Date: Thu Feb 06 2003 - 12:06:26 EST

Hi;

MS-CHAP is vulnerable to a modified replay attack with regard to domain login (why Microsoft went to Kerberos in Windows 2000). However I do not think that this sort of attack could work on a public web server. Unfortunately Mac and Linux clients won't be able to log into a public server is you select this option.

For a public web server I recommend basic (plain text) authentication and providing security by using SSL.

Best Wishes,
Chris Travers

Adam wrote:

>I might be wrong about this but I couldn't find anything on MS' site (who
Received on Thu Feb 6 12:59:40 2003

This message: [ Message body ]
Next message: Adrian Wiesmann: "Re: Prevent security bypass"
Previous message: Alex Russell: "Re: Prevent security bypass"
In reply to: Adam: "RE: Prevent security bypass"
In reply to Larry Seltzer: "RE: Prevent security bypass"
Next in thread: sunzi: "Re: Prevent security bypass"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:48 EDT

Do you need help?