[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3EA83DCD.80409@jmu.edu>
Date: Thu, 24 Apr 2003 15:41:01 -0400
From: Gary Flynn <flynngn@....edu>
To: Michael Thumann <mthumann@...w.de>
Subject: Re: Cracking preshared keys
Michael Thumann wrote:
> To get the XAUTH based authentication information (that is the part
> where the RADIUS Server is involved) you must start a man in the middle
> attack and this MITM attack is only possible when you've already cracked
> the preconfigured preshared key and when you are in physical position to
> perform a MITM attack (that's really not too easy).
>
> Hope that helps ;-
I'm not sure that XAUTH is the same as the "IKE Shared Secret AAA".
I got the impression from the Cisco docs that with the latter,
either the Radius password or something derived from it was used to
create the shared key for the initial Diffie-Hellman exchange.
I've documented my (probably faulty) understanding of the
process here:
http://www.jmu.edu/computing/security/vpnauth.shtml
Thanks for any clarity you can lend.
--
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe
Powered by blists - more mailing lists