> On Thursday 29 November 2007 09:36, Bazy wrote: >> > Ce şanse am să securizez totuşi reţeaua? Pornesc de la prezumţia că >> > cineva la un moment dat va sparge WEP şi va deduce parametrii de >> > conexiune >
Eu zic sa nu te risti cu pptp: MPPE (Microsoft Point to Point Encryption protocol) has the following flaws: # Vulnerable to bit flipping attacks # The MS-CHAP version 1 when using the 40 bit LANMAN hash uses the same key for both client and server for the connection, able to trivially crack this key using a cryptanalytic XORing attack. # Vulnerable to "Reset-Request" attack # Does not encrypt NCP (Network Control Protocol) PPP packets # Does not verify that the server is authentic # Encryption is not truly 40 or 128 bit The vulnerability to "bit-flipping" attacks is caused by the use of RC4. Vezi si http://www.sans.org/resources/malwarefaq/pptp-vpn.php Muuuult mai sanatos si mai fiabil e openvpn, cum a sugerat un co-listas. Dupa mine pptp chior e bun de pus in scop didactic, dar nu acolo unde ai date de protejat. Ai varianta simpla la openvpn cu cheie statica(daca ai putini clienti), sau cu certificate(varianta mai sigura, si care e utila daca ai mai multi clienti-poti folosi daca e cazul si o autentificare dubala). _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
