nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

CHAP or Hash question

Jackace

CHAP is used to authenticate routers over a PPP WAN link. They don't send the password in clear text but they send an MD5 hash of the password and the other router compares what it receives with the hash of it's own password. If both routers have the same password they will get the same MD5 hash result.

My question is how does this stop someone from packet sniffing and getting the MD5 hash result and then just sending the MD5 hash to one of the routers to authenticate and connect?

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

wastedtime

When a challenge is sent there is a challenge value sent with it that gets hashed with the password. The value is changed for each challenge. Because that value is changed the hashes are always different.

Jackace

wastedtime wrote: »

When a challenge is sent there is a challenge value sent with it that gets hashed with the password. The value is changed for each challenge. Because that value is changed the hashes are always different.

Thank you that is the piece I was missing.