[pptp-server] More than just password authentication?
Steve Cody
SCody at Gulbrandsen.com
Mon Sep 25 07:32:20 CDT 2000
I use PoPToP on a Redhat linux system. It is working great. My only issue
is that I don't like to have the only barrier between a hacker and my
network be a username and password. I rely on my firewall for security.
Currently, I have a generic username and password and when my users need to
connect, they give me their IP address and I allow that through my firewall
for the length of their VPN connection.
This is obviously not the best way to provide VPN access for my users. It
has several limitations. The problem with using only username/password
authentication is that any hacker with a brute force hacking program, and
enough time on their hands can start at 6pm on a Friday night and maybe get
somewhere by Sunday.... You know what I mean?
I would like to have a way to allow my Windows clients to connect without
merely having a username and password. Are there better ways of
authenticating users? When I connect to my linux systems for administrative
purposes, I use RSA authentication. I don't have to worry about the
username and password. Is anything similar to this available for
PoPToP/PPP? I need to have it open to all IP addresses.
Thanks in advance!
Steve Cody, MCSE
Information Systems Administrator
Gulbrandsen Manufacturing, Inc.
Office - 803.531.2413 x102
Email - scody at gulbrandsen.com
More information about the pptp-server
mailing list