pptp

[Lennart Sorensen]

On Thu, Jun 29, 2006 at 12:59:49PM -0400, moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org wrote:
> First I've heard of it.  Could you elaborate on that?

PPTP, at least as implemented by Microsoft back in NT4 when it was their
big thing, is not secure.  There were many bugs found in the
win95/98/NT4 code for pptp.  Many have been fixed, and they did switch
to using MS-CHAP v2, from the older much easier to break authentication.
As for how secure it is now, I am not sure, since from what I can tell,
MS-CHAP v2 is even considered fairly easy to crack.  The encryption is
only 40 or 128bit RC4 (if you happen to have the 128bit version, which
in the past of course was export controlled in the US).  40 bit
encryption is breakable in a very short time by brute force.  128 isn't
too bad.

A google search on pptp security has lots of info, although a lot is at
least a few years old, mainly since no one really cares about pptp
anymore now that we have ipsec, which was designed by people who know
how to make encryption, not by microsoft or the 802.11 group. :)

Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml