# Flawed encryption mechanism -- non-random keys, session keys weak hash of user password, key lengths too short (non-configurable)
# Bad password management in mixed Win95/NT environment; static passwords easily compromised
# Vulnerable to server spoofing attacks because packet authentication not implemented, easy denial-of-service attacks even inside firewalls
# MS claims cryptographic weaknesses not yet exploited
Fil
Kevin Saenz wrote:
When I was playing with windows and Linux VPN I was using PPTP
the connectivity is seamless. I think if you are using Windows
standard VPN software then I would be inclined to point you to
use PPTP kernel patch. You don't need to add any third party software to Windows.
PPTP has pretty good docs on how to install PPTP on to Linux and get the server up and running. Also making Linux a PPTP/VPN server is a piece of cake.
Hi all
Sorry to interrupt all this talk about nominations....
Anyone know a good howto or pointers on setting up a VPN from Win32 clients to Linux server? I'm currently looking at setting up an IPSEC/L2TP tunnel but am having trouble getting IPSec to work. I tried to follow instructions at both
http://www.strongsec.com/freeswan/install.htm
and
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
to no avail as yet. I get packets arriving at the eth interface but not ipsec0 interface (tcpdump). No packets are being dropped or rejected but the logs say the following:
Mar 13 16:25:39 neo pluto[28331]: "L2TP-CERT-WIN2KXP"[2] 192.168.1.201 #3: unable to locate my private key for RSA Signature
Mar 13 16:25:55 neo pluto[28331]: "L2TP-CERT-WIN2KXP"[2] 192.168.1.201 #3: Peer ID is ID_DER_ASN1_DN: 'C=AU, ST=NSW, O=Draxsen, CN=rivendell'
The error looks like an obvious oversight somewhere but I can't find it?
Is there a better way? (apart from not using M$ OS at all that is).
Thanks for any tips or info.
Fil -- Phil Scarratt
-- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
