Re: [plug] Hotspot Howto

Wed, 12 Apr 2006 00:20:08 -0700

----- Original Message ----- From: Orlando Andico 
To: Philippine Linux Users' Group (PLUG) Technical Discussion List
Sent: Wednesday, April 12, 2006 12:27 PM
Subject: Re: [plug] Hotspot Howto



win98 includes pptp also...



with appropriate software (i think MSDUN v1.3)


i also forgot you can use windows 95 using msdun 1.2 and above...


actually to be perfectly precise, what is preferred is MSCHAPv2. this
is the default in the PPTP VPN configuration so it provides the least
disruption/tech support issues to the end-user.
but if msdun cannot handshake at mschapv2, it will try for mschapv1, chap and pap in that order... if your pptp server allowed chap or pap authentication, you have still a security implication... 


and fooler is right, radius can do it. HOWEVER, if you store passwords
in radius encrypted (e.g. with MD5 or crypt) YOU CANNOT USE
MSCHAPv2.
if you stored it using NT hashed password you can use mschapv2... mschapv2 is using MD4 hashed password which is the standard NT hashed password format... 


in my case before, we had an existing radius configuration which stored
passwords encrypted, hence we could not use MSCHAPv2. however
if you're starting from scratch, it's not a big problem. i should have made
this clear.
but still it is not an excuse not to use mschapv2 because you know the tradeoff... since it is a prepaid card with new username/password to make.. you can make a separate database for that :->
----- Original Message ----- From: Orlando Andico 
To: Philippine Linux Users' Group (PLUG) Technical Discussion List
Sent: Wednesday, April 12, 2006 12:28 PM
Subject: Re: [plug] Hotspot Howto



in computing there is no such thing as rocket science... it is all about
creativity of the given architecture...


Yes that's true, but dishing out comments like "i can't tell you more.."
smacks of rocket science. i was merely pointing out that the implementation
of what the original poster wanted is not some tightly-guarded secret or
something, it's perfectly obvious.
sorry but i cant tell the full details that will implicate my job... but it is good to know that there is an existing setup like that for others to try and find it out...
fooler. 
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph

Reply via email to