[pptp-server] Re: [pptp-server] Security ?

Allan Clark allanc at sco.com
Tue Jun 22 11:02:08 CDT 1999


An initial look at the article suggests that what the authors hammered was
not the PPTP protocol, but the authentication that the PPTP VPN servers on
NT offered access to via open internet.  PPTP seems initially to be just
the path to the weakness, not the weakness itself.  Part of their
observance of weakness deals with use of poor passwords as well, a cheap
component, simple enough to fix.


> While no flaws were found in
> PPTP itself, several serious flaws were found in the Microsoft implementation of it.
>
(http://www.counterpane.com/pptp-pressrel.html)

The authors do not specifically say "this is ONLY effective against NT",
just that NT is affected.  This implies that they do not recognize PoPToP,
and it may be included.  The fact that PoPToP has to interOp with MS DUN's
VPN client means that it will have the same weaknesses.  It can only
protect itself from DoS attacks, have immediate response to out-of-sequence
packets or illogical packets, etc.

The protocol is not considered weak in this analysis, but the weaknesses
have to be replicated in apparent behavior by PoPToP.  The only thing the
developers can do with PoPToP is make it a stronger server per se -- more
able to handle the attacks when they come.

A significant issue is that one or both authors have built a
commercially-available tool, "l0phtcrack", which will apparently detect the
weak passwords in your system.  The commercial gain of such a research
paper is to be considered, but not as a discredit to their work.


FYC

Allan

Hamilton Hoover wrote:

> The question is: does PoPToP suffer from the same issues ? or it's only
> the WinNT Server version of PPTP that's vulnerable ?
>
> If you look on the faq page they claim that the crack is only effective
> on WinNT.




