Some information not mentioned in Gibson's book

Hi,
After going through Comptia CertMaster, I noticed that there are some important information aren't mentioned in Gibson's book.

1. PPTP protocol is considered not-secure because it is suspectable to MITM attacks.
2. MD-5 is also not secure & shouldn't be used. Some attacks are reported.
3. Since MD-5 is not secure, CHAP and MS-CHAP is also not secure. MD-5 could be better than SHA only if performance is considered.

Maybe this book needs some updates.

Find more posts tagged with

Comments

SHiNiNg4EvEr

Also LEAP is not secure because it uses MS-CHAP

chrisone

SHiNiNg4EvEr wrote: »

Maybe this book needs some updates.

You can start here.

Contact Darril Gibson|Get Certified Get Ahead

https://www.linkedin.com/in/darrilgibson/

Pseudonym

SHiNiNg4EvEr wrote: »

Hi,
After going through Comptia CertMaster, I noticed that there are some important information aren't mentioned in Gibson's book.

1. PPTP protocol is considered not-secure because it is suspectable to MITM attacks.
2. MD-5 is also not secure & shouldn't be used. Some attacks are reported.
3. Since MD-5 is not secure, CHAP and MS-CHAP is also not secure. MD-5 could be better than SHA only if performance is considered.

Maybe this book needs some updates.

PPTP isn't listed in the objectives.

The security flaws of MD5 are mentioned quite extensively in the book.