Remote Access: (3) PPTP

PPTP (Point-to-Point Tunneling Protocol)

During old time when users connect to RAS (Remote Access Server), it is quite costly for phone bill, especially for geographically far location and huge amount of users dial in. To save cost, dial in via Internet is chosen, where PPTP, designed by Microsoft and 3Com is hence in place. On Microsoft PPTP connection, the operation is running on TCP port 1723. Further information plese refer to Microsoft: Understanding PPTP (Windows NT4.0) .

Note: Not initially support by Windows9.x/ME or NT4.0 but these OS (except Win95) can create L2TP connections using Microsoft L2TP/IPSec Vpn client add-on.

PPTP vulnerability

Negotiation data is not encrypted. Microsoft PPTP use a separate, unencrypted channel to for channel command, which used for open, close and maintain connection.

Only work over IP networks. It is gonna work in other network like AppleTalk (although everyone use TCP/IP today).

Buffer overflow: Microsoft PPTP Implementation Buffer Overflow Vulnerability.

The cryptography guru Bruce Schenier has a very interesting description about PPTP which can be read here.

Incompatibility with IPSec. IPSec as a loose definition of standards containing various protocol for secure VPN, has the advantage of flexible and security. Unfortunately PPTP is not compatible to it at all.


0 Responses to “Remote Access: (3) PPTP”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: