PAP - old but not worthless !?
How long have Internet service providers buried PAP? 5, 10, 15 years ago?
However, Password Authentication Protocol is the liveliest. Descriptions and wiring diagrams can be found here . If you look at just released Windows 10 and try to create a PPPoE connection there, by default we will see the following picture there:
A similar situation with PPTP:
But the choice of authentication protocol does not depend on the client, they only offer you whether to agree or not - you decide.
It’s rare that any instructions from the provider, among other things, include the “Security” column; if you touch Windows connections, you can completely forget about your favorite Wi-Fi routers.
Meanwhile, in the yard in 2015. The stores sell devices whose price tag, not exceeding $ 30, allows even the uninitiated to become a small city provider.
It was Saturday
Quiet Saturday night, the favorite series on the screen. One episode ended and I sat with anticipation waiting for the next, after 5 minutes of studying the dark screen of my TV, I realized that - "Kina will not, the Internet is over."
Rb750 reported that the PPTP connection is disconnected. After looking at the number of mac addresses (47 versus the usual 200+) in the bridge on which the wan interface hangs, I rightly made a verdict that the provider has problems with L1 on the highway to me, which means you can not wait for ambulance.
My city provider has a very interesting way of distributing logins: translates from the street-apartment, for example, a subscriber living on the street 40 years of October 14 quarter 17 would receive a login 40let14-17. There was a desire to find out who is suffering with me?
We raise the PPTP server to rb750, hang on the wan IP address of the provider's gateway. We turn on debug, pptp and the neighbors hopefully begin to connect to us.
Oh, how many of you! At first, various Wi-Fi (TP-LINK, D-Link, Asus, and Co.) knocked out in friendly rows a little later in the logs I saw host-name = HOME-PC.
However, none of them managed to connect, which is natural because in secrets their names could not be, and even less so passwords.
But what if you remove authentication using chap / mschap / mschap2 in the settings of the PPTP server and leave only PAP?
The results were shocking:
- 43 out of 47 hosts requested authorization.
- 2 out of 43 proposals will be authorized by PAP - 2.
- 41 hosts or 87.2% voluntarily gave me their username and password.
It used to be better?
We live in a world of services. For a long time, the fact of connecting to the World Wide Web was not enough for us, we go to do it from the bath, pay in the kitchen, we want SMS to receive a low balance in our account, we want to voluntarily block when we go to the sea.
Competition forces providers to wind up buns in their personal dashboard. My is no exception.
Having received the already known results, I went to my personal account for the second time in 6 years from the moment of conclusion of the contract with my provider. There is no desire to harm neighbors, to enrich themselves at their expense as well, so I used my personal login / password to find out what my provider can offer me:
- personal account;
- passport data;
- mobile number Phone
- traffic report;
- tariff plan change.
In my opinion, for 87% of these should be enough to do your connection and at least turn off PAP?