Tools released at Defcon crack MS-CHAPv2

By /

I hope your network is using a more modern and more secure authentication protocol than MS-CHAPv2 for VPN access, but if it’s one of those that’s still running PPTP VPNs, this is something you need to be aware of: yesterday at Defcon a crypto researcher released tools for cracking the protocol that were designed for penetration testing – but we all know these tools always eventually get into the wrong hands.

The good news is that using the service being offered to do this is somewhat expensive ($200). The bad news is that if these folks can do it, so can other talented hackers. Maybe it’s (past) time to dump PPTP and MS-CHAPv2 and look for more secure VPN alternatives for your Windows network, such as L2TP/IPsec or SSTP.

http://news.cnet.com/8301-1009_3-57481855-83/tools-boast-easy-cracking-of-microsoft-crypto-for-businesses/?part=rss&subj=news&tag=2547-1_3-0-20

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top