Re: [m0n0wall] PPTP vs IPSEC?

From:	"Bjoern Euler (Lists at edain)" <lists at edain dot de>
To:	m0n0wall Mailing List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] PPTP vs IPSEC?
Date:	Fri, 22 Jul 2005 19:45:44 +0200

Paul Dugas wrote:
> Looking for opinions here.  Just how evil is PPTP compared to IPSEC for
> remote access to the LAN.  I just enabled it on a test box and had a WinXP
> client logged in within a matter of minutes.  IPSEC's need for a separate
> client on WinXP seems like a hassle.  Is it worth it?
> 
> Paul
> 

When comparing Pre-Shared-Key IPSec and PPTP it is probably a matter of 
password length. Even though IPSec protects the used password better it 
also depends on the password transmission protocol (IKE), its 
implementation and the used hash modes.
There are some tools that are able to break PSK authentication in no 
time when using short passwords.

I am using a mixed environment: mainly for remote-access from Windows 
Mobile devices PPTP is an easy thing to do.

Best regards

-Bjoern