From: Nikolaj (lorddoskias@gmail.com)
Date: Tue Jan 23 2007 - 08:24:38 EST
I'm playing with pppoe for the time being and I noticed something rather
peculiar. I'm authenticating against radius server, and the
Authentication says it is PAP - eg. clear text passwords. I've read
through rfc 2516 and there is nothing said about the authentication with
password. I'm wondering whether there is a way to sniff such
passwords? I tried sniffing my own connection when I was connecting to
the pppoe NAS but no luck. Where are the password and username contained
- in the payload of some of the PAD* packets?
Regards.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:33 EDT