No subject
Sun Jul 8 18:14:56 CDT 2012
etc etc aren't encrypted (not 100% confimed) and you still end up with the
normal CHAP authentiction which can be cracked too.. (must find that URL
where I found this, Doh!)
This is why we highly suggest to use 128Bit encryption.
pptp 1.0.1 is buggy anyway and we mostly suggest using 1.1.2 though it
wouldn't surprise me if it returns errors too..
-----Original Message-----
From: Matthieu PARISOT [mailto:matthieu at oodrive.fr]
Sent: Thursday, September 13, 2001 1:33 AM
To: pptp-server at lists.schulte.org
Subject: [pptp-server] Is pptpd code secure?
Hi everybody,
I have used its4 ( http://www.cigital.com/its4/ ) to audit pptpd-1.0.1
source archive;
The dump is attached is attached with the mail.
Could anyone with a good knowledge of pptpd sources check this dump and
tells us if there's something wrong?
Is it possible to an attacker to pass arguments to pptpctrl (using a
home made pptp client) ?
Thanks...
More information about the pptp-server
mailing list