No subject

Sun Jul 8 18:14:56 CDT 2012

Some people find browsing fails because they don't have the global
"guest account" set to a valid account.  Remember that the IPC$
connection that lists the shares is done as guest, and thus you must
have a valid guest account.

Also, is the PPTP clients WORKGROUP participation set to match what the
clients on the LAN are configured to?

> Does PPTPD know my SMB username but not my password, or vice 
> versa?  I thought maybe because it was encrypted using
> that maybe it couldn't figure it out, but then
> using chap-secrets plain-text passwords don't cut it either.
> Anyone know what this is all about?
> Geez, I thought this whole PPTPD Linux server was gonna be at
> least a weekend of work, but it's turning out to be months
> worth of work.

With regards to the "subject" line of this thread... lets make sure we are
comparing apples to apples here. I'd hate to see PopTop/PPPD get the
reputation of being insecure without the following clarification being

1) If you have configured your PopTop/PPPD system to re-direct PPTP tunnel
authentication to use the libsmbpw.o lib's (smbpasswd), then your system
appears to be vulnerable to the blank user/pass exploit mentioned in this

2) Those of you who are still using the chap-secrets file (no re-direct) for
tunnel authentication are NOT vulnerable to the blank user/pass exploit
mentioned in this thread. I just verified this on my PopTop server! I do not
use the re-direct to libsmbpw.o

Steve Cowles

More information about the pptp-server mailing list