[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Francisco Reyes <lists at natserv dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Which version of pptp?
 Date:  Fri, 05 Mar 2004 22:56:27 +0100
On 05.03.2004 16:09 +0000, Francisco Reyes wrote:

>> It depends...
>> - Manuel
> On what?

On your views as far as the definition of "safe" or "secure" is
concerned... From <http://www.schneier.com/paper-pptpv2.html>:

	"Microsoft has improved PPTP to correct the major security
	weaknesses described in [SM98]. However, the fundamental
	weakness of the authentication and encryption protocol is
	that it is only as secure as the password chosen by the user.
	As computers get faster and distributed attacks against
	password files become more feasible, the list of bad
	passwords-dictionary words, words with random capitalization,
	words with the addition of numbers, words with numbers
	replacing letters, reversed words, acronyms, words with the
	addition of punctuation-becomes larger. Since authentication
	and key-exchange protocols which do not allow passive
	dictionary attacks against the user's password are
	possible-Encrypted Key Exchange [BM92,BM94] and its variants
	[Jab96,Jab97,Wu98], IPSec-it seems imprudent for Microsoft to
	continue to rely on the security of passwords. Our hope is
	that PPTP continues to see a decline in use as IPSec becomes
	more prevalent."

> The one thing I read is password not been easy to guess is very
> important. Would 8 characters mixed case, numbers and symbols be
> enough?

Probably barely... I'd aim for 12+ characters, but that's only a
personal opinion, and of course it also depends on what you're trying
to protect. If it's very valuable, PPTP is probably the wrong tool
for the job anyway.

- Manuel