Security problem in PPPoE connection

Joe Shen joe_hznm at
Mon Mar 13 07:19:32 UTC 2006

> >What's your method to deal with such problem? Will
> CHAP in PPPoE help?
> That may help against password sniffing but won't
> help against sniffing 
> traffic by an active attacker once the session has
> been established.  
> Also, you'll have to revisit all CPE to explicitly
> disable PAP, or an 
> active attacker could still steal the password if he
> impersonates the 
> real PPPoE server.

If we enable CHAP on BRAS, is it enough that asking
subscriber to enable Chap on MS-windows dial
connection or Linux ?  Need we install some other




Do you Yahoo!? 
New and Improved Yahoo! Mail - 1GB free storage!

More information about the NANOG mailing list