No subject

Some people find browsing fails because they don't have the global
"guest account" set to a valid account.  Remember that the IPC$
connection that lists the shares is done as guest, and thus you must
have a valid guest account.
----------------------------

Also, is the PPTP clients WORKGROUP participation set to match what the
clients on the LAN are configured to?

> 
> Does PPTPD know my SMB username but not my password, or vice 
> versa?  I thought maybe because it was encrypted using
> libsmbpw.so that maybe it couldn't figure it out, but then
> using chap-secrets plain-text passwords don't cut it either.
> 
> Anyone know what this is all about?
> 
> Geez, I thought this whole PPTPD Linux server was gonna be at
> least a weekend of work, but it's turning out to be months
> worth of work.
> 

With regards to the "subject" line of this thread... lets make sure we are
comparing apples to apples here. I'd hate to see PopTop/PPPD get the
reputation of being insecure without the following clarification being
noted.

1) If you have configured your PopTop/PPPD system to re-direct PPTP tunnel
authentication to use the libsmbpw.o lib's (smbpasswd), then your system
appears to be vulnerable to the blank user/pass exploit mentioned in this
thread.  

2) Those of you who are still using the chap-secrets file (no re-direct) for
tunnel authentication are NOT vulnerable to the blank user/pass exploit
mentioned in this thread. I just verified this on my PopTop server! I do not
use the re-direct to libsmbpw.o

Steve Cowles