Thanks for your response. I am using PPTP over wireless on an open non
WEP/WPA hotspot, the idea is that I want to offer an open hotspot for
neighbors and cafe goers but still encrypt my connection (or anyone else
who e-mails me that wants security).
I realize most people say IPSec is 'better'; I'll have to do some
searches to see the issues with PPTP (other then it being a MS
creation), I of course don't want to use something that can be hacked in
an hour -- will do more research online regarding PPTP security though I
imagine it is relatively secure or folks wouldn't have it in m0n0wall to
Can anyone tell me why PPTP is 'bad' or less secure then IPSec?
I'm glad to hear you think its secure over the air, I'm going to have to
locate another wireless laptop and sniff the connection for that added
self-verification that will make me sleep better at night ;).
Chet Harvey wrote:
> PPTP is not the tunneling "choice" for encrypted tunnels but it does a decent
> job. 128 bit encryption via OpnSSL. How it works is the "tunnel" is encrypted
> by the software on your system and started at the interface. It is then
> decrypted at the endpoint interface on the other side.
> That said, you are sending packets across open airwaves which makes it easier
> to "sniff" and decrypt than on old school cat5. You didnt specify if you had
> WEP or WPA enabled which would help somewhat.
> Personally I would IPSec to the m0n0wall via wireless instead of WEP.
> That was the Long winded answer to your question, short answer is most likely
> yes. Is it the best you can do, probably not.
> Chet Harvey
> Pitbull Technologies <http://www.pittech.com/>
> Protecting your Digital Assets