 From:  Daniel Milani <daniel dot milani dot 71 at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  PPTP Vulnerabilities
 Date:  Sat, 12 Nov 2005 09:28:30 -0500
Hello everyone,

I recently set up a computer lab for a group of system administrators
(of which I am one). One of the requirements was to be able to
remotely access the lab using a VPN solution. I decided to use m0n0wall
because of its robustness, support for 802.1q, and VPN capabilities.
Since my colleagues will be connecting to the lab from behind NAT
boxes (Linksys and such), I read that IPSEC would not work; so PPTP
was the only other choice. I also favored this choice because no
additional software (client side) was required.

Yesterday, one of my colleagues sent me these two links.

http://en.wikipedia.org/wiki/PPTP#PPTP_Vulnerabilities
http://asleap.sourceforge.net/


Here is an excerpt from the first link:

> The security of PPTP has been entirely broken and PPTP installations
> should be retired or upgraded to another VPN technology. The ASLEAP
> utility can quickly recover passwords from PPTP sessions and decrypt
> PPTP VPN traffic. PPTP attacks cannot be detected by the client or
> by the server because the exploit is passive. The failure of PPTP as a
> VPN protocol is caused by cryptographic design errors in the Cisco
> LEAP and Microsoft MSCHAP-v2 handshake protocols, and by key length
> limitations in MPPE. Both LEAP and MSCHAP-v2 derive session keys
> from user passwords, which are cryptographically weak.


I knew PPTP wasn't the most secure of VPN solutions but these links
got me worried.

I am not a security expert so I'm not sure how to interpret these articles.

Is m0n0wall impacted by this?