instead of pptp I suggest pppoe. all the benefits from pptp with some lesser drawbacks plus almost all bb routers supports pppoe while most don't support pptp.
Best regards, Eje Gustafsson mailto:[EMAIL PROTECTED] The Family Entertainment Network http://www.fament.com Phone : 620-231-7777 Fax : 620-231-4066 - Your Full Time Professionals - eBay UserID : macahan --- searchable smartBridges mailing list archive. http://www.mail-archive.com/smartbridges40part-15.org/ -- DB> I've used various pptp servers, though not poptop in particular. With DB> them you can create encrypted mppe sessions, 128bit stateless mppe DB> with ms chapv2 password authentication is the way to go I think. DB> warning: the following is probably full of bad cryptography terminology DB> and bastardizations because i am not an expert on the matter. DB> Unfortunately mppe is not entirely secure, there are one or two DB> eavesdropping+brute force attacks that can be used against it. DB> I believe that because of the rotating hashing function and the DB> weakness of rc4 streams (atleast there are different hashes for DB> each direction) one can snoop the packets and eventually DB> come up with the first bunch of bit of the password and DB> then be left with only 65XXX potential combinations that need DB> to be pushed through an nt password cracker to come DB> up with the password and be able to read the encrypted stream. DB> Also dictionary attacks can be extremely effective against mppe DB> so strong passwords are a must. DB> Overall is this better than wep? yes i think so. WEP + pptp tunnels DB> seems like a pretty good way to go but the VPN/PPTP might DB> make the user feel more secure than they really are. DB> end result: You probably dont want to put the DoD on a PPTP DB> encrypted tunnel system but I'm sure that its plenty good DB> for most businesses and all home users. Banks, Hospitals, DB> Insurance companies, etc, IPsec tunnels over l2tp would be DB> more secure. However they would also be a giant pain DB> in the butt to setup. DB> Also PPTP tunnels are not light on the cpu really. I can only do about DB> 20mb/s of encrypted pptp on a duron 900. So this isnt going to work DB> on a soekris or other SBCs. DB> Dave DB> At 10:25 PM 30/06/2003 -0400, you wrote: >>Has anyone done any experimenting with PoPToP? >> >>http://poptop.org >> >>My understanding is that it provides that ability to use encrypted ppp >>sessions with Windows clients without an additional software on the client >>system. >> >>Does this mean that wisps (like me & us) could use poptop to encrypt "all" >>the >>traffic between clients and our systems? This is a concern for me - because >>"I think that my clients think" that wireless is "insecure" I know I need to >>educate them about the padlock on the browser, encrypted e-mail, etc., but >>would using an app like poptop allow me to say that I have as secure a system >>as their old dialup system? >> >>Oh yeah, better put something about smartbridges in here. Does any one >>know if >>there is an incompatibilities between poptop and smartbridges equipment? >> >>Erik >> >>The PART-15.ORG smartBridges Discussion List >>To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe >>smartBridges <yournickname> >>To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe >>smartBridges) >>Archives: http://archives.part-15.org DB> The PART-15.ORG smartBridges Discussion List DB> To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> DB> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) DB> Archives: http://archives.part-15.org DB> --- DB> [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
