RE: MS PPTP (Safe?)

Tue, 14 Dec 1999 08:07:06 -0800

Title: RE: MS PPTP (Safe?)

MSCHAP version 2, simply corrected the problem of both the LAN Manager hash and the NT HASH being sent, using MSCHAP version 2 it will only send the NT HASH and you must be running MSDUN version 2. This addresses some of the security issues with MSCHAP, but does solve all the issues regarding encrypting data with MSCHAP. Also if you authenticate to RADIUS, support for MSCHAP ver2 may be a problem. I would direct to www.counterpane.com for further details as was already recommended by someone else on the list.

Regards

Robert Dolliver

                                                  

Educational Services

Nortel Networks

1 Federal St.

Billerica Ma

PGP users my key server is located at:

pgpkeys.mit.edu

my key hash is:

71DD 037B AE30 C046 9D3B  795B D9CB 248D 44F0 1895

    -----Original Message-----
    From:   Jimi Aleshin [SMTP:[EMAIL PROTECTED]]
    Sent:   Monday, December 13, 1999 5:46 PM
    To:     J. T. B.; firewalls
    Subject:        Re: MS PPTP (Safe?)

    It is an implementation of PPP over TCP. This means that a user must already
    have an Internet connection. The technology creates a second virtual PPP
    network adapter. By using the native PPP authentication and encryption
    services, the technology is easily implemented using existing technology.
    Originally developed by Microsoft, U.S. Robotics (now 3Com), Ascend, and
    other remote access companies.
    In 1998, a severe flaw was found in PPTP's authentication scheme. This was
    fixed in MS-CHAP V2 of Microsoft's implementation.
    When setting up a PPTP server, you must enable port 1723 and protocol 47
    through the firewall.
    So try it out.

     /Jimi Aleshin
     Mail: [EMAIL PROTECTED]
     ICQ: 26180172

    ----- Original Message -----
    From: J. T. B.
    To: [EMAIL PROTECTED]
    Sent: Monday, December 13, 1999 01:09 PM
    Subject: MS PPTP (Safe?)



    I'm looking at building a secure VPN and was wondering if Microsoft's PPTP
    was any good?  I had heard some very bad things about it.  Have they cleaned
    it up, or should I look elsewhere?

    Thanks!

    ______________________________________________________
    Get Your Private, Free Email at http://www.hotmail.com
    -
    [To unsubscribe, send mail to [EMAIL PROTECTED] with
    "unsubscribe firewalls" in the body of the message.]

    -
    [To unsubscribe, send mail to [EMAIL PROTECTED] with
    "unsubscribe firewalls" in the body of the message.]

Reply via email to