Bugtraq mailing list archives
Re: Cracking preshared keys
From: Gary Flynn <flynngn () jmu edu>
Date: Thu, 24 Apr 2003 15:41:01 -0400
Michael Thumann wrote:
To get the XAUTH based authentication information (that is the part where the RADIUS Server is involved) you must start a man in the middle attack and this MITM attack is only possible when you've already cracked the preconfigured preshared key and when you are in physical position to perform a MITM attack (that's really not too easy).Hope that helps ;-
I'm not sure that XAUTH is the same as the "IKE Shared Secret AAA". I got the impression from the Cisco docs that with the latter, either the Radius password or something derived from it was used to create the shared key for the initial Diffie-Hellman exchange. I've documented my (probably faulty) understanding of the process here: http://www.jmu.edu/computing/security/vpnauth.shtml Thanks for any clarity you can lend. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe
Current thread:
- Cracking preshared keys Michael Thumann (Apr 23)
- Re: Cracking preshared keys Damir Rajnovic (Apr 23)
- Re: Cracking preshared keys Derek (Apr 24)
- Re: Cracking preshared keys Gary Flynn (Apr 24)
- Re: Cracking preshared keys Michael Thumann (Apr 24)
- Re: Cracking preshared keys Gary Flynn (Apr 24)
- Re: Cracking preshared keys Damir Rajnovic (Apr 23)
- Re: Cracking preshared keys David Wagner (Apr 24)
- Re: Cracking preshared keys Michael Thumann (Apr 24)
- Re: Cracking preshared keys Curt Sampson (Apr 25)
- Re: Cracking preshared keys Stefan Laudat (Apr 26)
- <Possible follow-ups>
- RE: Cracking preshared keys Rager, Anton (Anton) (Apr 24)
- Re: Cracking preshared keys hank (Apr 25)