[ previous ] [ next ] [ threads ]
 From:  Jeffrey Goldberg <jeffrey at goldmark dot org>
 To:  Homero Thomsom <homerothomsom at yahoo dot com dot ar>
 Cc:  Monowall Mailing List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Dynamic DNS Password Unencrypted.
 Date:  Thu, 17 Feb 2005 22:23:01 -0800
[mailed and posted]

On Feb 17, 2005, at 2:19 PM, Homero Thomsom wrote:

> Hello, I want to communicate that when download the
> file config.xml I noticed that the password of the
> Dynamic DNS is without encryption.



which says

13.16. Why are some passwords stored in plaintext in config.xml?

PPPoE/PPTP client, PPTP VPN, and DynDNS passwords as well as RADIUS and 
IPsec shared secrets appear in plaintext in config.xml. This is a 
deliberate design decision. The implementations of PPP, IKE, RADIUS and 
the way DynDNS works require plaintext passwords to be available. We 
could of course use some snake oil encryption on those passwords, but 
that would only create a false sense of security. Since we cannot 
prompt the user for a password each time a PPP session is established 
or the DynDNS name needs to be updated, any encryption we apply to the 
passwords can be reversed by anyone with access to the m0n0wall sources 
- i.e. everybody. Hashes like MD5 cannot be used where the plaintext 
password is needed at a later stage, unlike for the system password, 
which is only stored as a hash. By leaving the passwords in plaintext, 
it is made very clear that config.xml deserves to be stored in a secure 
location (or encrypted with one of the countless programs out there).

Jeffrey Goldberg                        http://www.goldmark.org/jeff/