Tuesday, August 14, 2018

EAP-MSCHAPv2 - MITM

Hi there.

First post :)

I understand that EAP-MSCHAPv2 is breakable via MITM attacks. I have come across a client site that is still using EAP-MSCHAPv2 for IKEv2 VPN authentication and I'm just trying to work out the risk associated with leaving it as is. They do not use or plan to use WiFi with EAP-MSCHAPv2, which I understand is basically the most realistic place that an attacker would be able to successfully carry out a MITM attack.

Realistically, how secure is EAP-MSCHAPv2 if it's used for remote user IKEv2 VPN use only? What are the chances of someone being able to carry out a MITM against a user if it is via VPN? My view is that it's near impossible without some real skill or specific knowledge of the infrastructure/setup, so therefore being able to MITM an attack on, say, their VPN server is near impossible?

Secondly, with EAP-MSCHAPv2, the authenticating client is unable to make a successful connection unless they have the trusted root CA installed onto their computer. For an attacker, is there any way to bypass the need to have that trusted root CA on their computer? I'm trying to work out how the EAP authentication part takes place, and the risks associated with using EAP-MSCHAPv2 for VPN users only.

Thanks
