On 04/05/2012 04:12 AM, Ralf-Philipp Weinmann wrote:
Do you have statistics on that? I remember newer Microsoft and Apple
operating systems supporting L2Sec quite well. And then there are the
Cisco abominanations of IPSec that are quite common. But maybe not as
common as SSL VPNs. And let's not forget OpenVPN for the geek
faction. Where did you get the data that PPTP still is "one of the
most commonly-used VPN protocols".
Honestly, it's been years since I messed with VPNs and I have not done
methodical research. I suspect VPN industry studies are likely to to be
skewed by selection bias (IT departments who are likely to spend spend
money on a real VPN).
Here's why I think PPTP is still in common use.
* PPTP is supported by Windows XP without any special client software.
So is L2TP/IPsec PSK, but that's not the kind of VPN that users log in
to. Most other solutions seem to involve the admin setting up a PKI
infrastructure. We all know how much fun that is.
* There's a plethora of HOWTO pages for VPNs that use PPTP. E.g.
http://www . chicagotech . net/vpnsetup.htm
* Some sources even treat PPTP as synonymous with VPNs:
http://www . sevenforums .
com/tutorials/4517-virtual-private-network-vpn-enable-incoming-vpn-connections.html
"How to Configure your Computer to Accept Incoming VPN Connections in
Windows 7 [...] Information This will show you how to configure your
computer to accept VPN connection and router settings to allow
Point-to-Point Tunneling Protocol (PPTP) on your Network in Windows 7."
* http://bandwidthcontroller . com/applicationPorts.html
"This table lists the ports used by some of the more popular applications."
PPTP is listed, L2TP/IPsec is not even mentioned.
* http://whatismyipaddress . com/vpn-service
"PPTP is the most common VPN protocol. It uses TCP port 1723 and Generic
Routing Encapsulation (GRE) to secure packets. The main advantage of
PPTP is that all major operating systems and many smartphones can
natively use PPTP without any additional software."
* http://www.wilderssecurity.com/showpost.php?p=1565325&postcount=19
"I'm reading and the only thing I've come across is that MS CHAP v1 is
badly broken and MS CHAP v2 is susceptible to dictionary attacks because
the keys are derived deterministically from the password."
* http://www.sans.org/security-resources/malwarefaq/pptp-vpn.php
Hey yall! There's this here NSA backdoor still lingering around
from the 1990's! I guess we know what they wanted that big ole
datacenter now for huh?
Marsh, sorry, but that is ridiculous.
Yes, it was a bit silly I admit :-)
A high-school kid with a couple
of hard drives filled with rainbow tables will do as a valid stand-in
for the attacker in your threat model. Heck, I'd guess there's even a
Russian "cloud service" for this by now.
I disagree.
There are users who are careful to choose really good passwords. There
are smart folks who are expecting this protocol to provide security
equivalent to the password, at least up to 128 bits. I have talked with
a few of them.
Here's a random example from the web:
http://www . net . princeton . edu/vpn/pptp.html
"If you connect using MS-CHAPv2 and are using a weak password, attackers
can use this tool to discover your password. As this tool relies on a
dictionary search, it should be possible to defend against it by
selecting an extremely strong OIT Windows password."
- Marsh
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography