What is Relay attack?
A replay attack is a kind of network attack in which the attackers capture packets containing passwords or digital signatures and then resend it back to the original system later.
How to prevent Relay attack?
We can usually use MS-CHAP, MS version of Challenge-handshake authentication protocol, to prevent the replay attacks because CHAP does not actually send password over the network, but instead send a hash value based on the username and password combination and with a random number. With ChAP, even if an attacker can capture the client's response to the server¡¯s challenge, he will not be able to "replay" it because the server will expect a different response to another challenge to authenticate the same user. The following gives you basics of how CHAP works
1. After the link established, the server sends a challenge message to the requestor.
2. The requestor makes response with a value obtained by using a one-way hash function.
3. The server then checks the responded by comparing it its own calculation with the expected hash value.
4. If a match found for the values, the authentication is acknowledged, otherwise the connection will usually be terminated.
