PAP - old, but not useless !?

How long have ISPs buried PAP? 5, 10, 15 years ago?

However, Password Authentication Protocol is very much alive. Descriptions and connection flow diagrams can be found here . If you look at the only released Windows 10 and try to create a PPPoE connection there, by default we will see the following picture there:

The situation is similar with PPTP:

But the choice of the authentication protocol does not depend on the client, you are only asked whether to agree or not - you decide.

Rarely, what instructions from the provider include, among other things, the “Security” column, if you touch Windows connections, you can forget about all your favorite Wi-Fi routers.
')
Meanwhile, in the yard in 2015. The stores sell devices, the price tag of which, not exceeding $ 30, allows even the uninitiated to become a small city provider.

It was Saturday

Quiet Saturday evening, on the screen favorite series. One series ended and I sat with anticipation waiting for the next one, after 5 minutes of studying the dark screen of my TV, I realized that - “Keen will not be, the Internet has ended.”

Rb750 reported that the PPTP connection is disconnected. Having looked at the number of mac-addresses (47 against the usual 200+) in the bridge on which the wan hangs, the interface rightly made a verdict that the provider had problems with L1 on my route, which means that the ambulance can not be expected.

My city provider has a very interesting way of distributing logins: a translit from the street-flat, for example, a subscriber living on the street 40 years of October 14 square 17 would get a login 40let14-17. There is a desire to find out who suffers with me?
We raise the PPTP server to rb750, hang the provider's gateway IP address on wan. We turn on debug, pptp and neighbors with hope begin to connect to us.

Oh, how many of you! At first, friendly Wi-Fi (TP-LINK, D-Link, Asus, and Co.) showed up in friendly ranks a bit later in the logs I also saw host-name = HOME-PC.

However, none of them could not connect, which is natural because in the secrets of their names could not be, and even more so and passwords.
But what if you remove authentication using chap / mschap / mschap2 in the PPTP server settings and leave only PAP?

The results shocked:

• of 47 hosts, 43 were requested.
• out of 43 proposals, they were authorized by PAP with the refusal - 2.
• 41 hosts or 87.2% voluntarily gave me their login password.

It used to be better?

We live in the world of services and service. The fact of connecting to the world wide web has long been lacking for us, we go to do it out of the bath, pay in the kitchen, we want SMS to come to us about the low balance on our account, we want a voluntary block when we go to the sea.

Competition forces providers to wind buns in your account. Mine is no exception.

Having received already known results, I have visited the personal account for the 2nd time in 6 years from the moment of concluding an agreement with my provider. There is no desire to harm neighbors, to be enriched at their expense as well, so I used my personal login / password to find out what my provider can offer me:

• personal account;
• passport details;
• mob number telephone;
• balance;
• credit;
• lock;
• transfer;
• traffic report;
• tariff plan change.

In my opinion, these arguments for 87% should be quite enough to tackle your connection and at least turn off PAP?