Next: Authentication with PPP Up: The Point-to-Point Protocol Previous: Link Control Options

General Security Considerations

A misconfigured PPP daemon can be a devastating security breach. It can be as bad as letting anyone plug in their machine into your Ethernet (and that is very bad). In this section, we will discuss a few measures that should make your PPP configuration safe.

One problem with pppd is that to configure the network device and the routing table, it requires root privilege. You will usually solve this by running it setuid root. However, pppd allows users to set various security-relevant options. To protect against any attacks a user may launch by manipulating these options, it is suggested you set a couple of default values in the global /etc/ppp/options file, like those shown in the sample file in section-gif. Some of them, such as the authentication options, cannot be overridden by the user, and so provide a reasonable protection against manipulations.

Of course, you have to protect yourself from the systems you speak PPP with, too. To fend off hosts posing as someone else, you should always some sort of authentication from your peer. Additionally, you should not allow foreign hosts to use any IP-address they choose, but restrict them to at least a few. The following section will deal with these topics.

Andrew Anderson
Thu Mar 7 23:22:06 EST 1996