PPTP (MPPE) security

  • Thread starter Thread starter Alvyn
  • Start date Start date
A

Alvyn

Hi,

I came across a documentation stating that 3DES had been
hacked. But of course by thousands of PCs at one go.

Anyone can advise me on this :

1. How about PPTP (MPPE) ? Can anyone with good hacking
knowledge but "limited resources", hacked this MPPE ?

I ask this because I am using PPTP and is concern about it.

No offence to anyone :)

thanks
 
Pptp uses a less secure encryption protocol than l2tp to be sure but still
considered secure enough for the vast majority of users. Be sure to use a
complex password for pptp as the password for initial authentication is not
protected by the vpn tunnel though if you are using mschapv2 you should be fine.
As far as 3DES and l2tp/ipsec, the keys used for encryption are changed often
enough that even if the session was cracked it would only yield a small amount
of data for a tremendous amount of effort that would probably be old enough to
be useless by then. I use pptp a lot and do not worry about it. Those trying to
crack vpn traffic would be going after high profile targets, definitley not
e. --- Steve
 
Hi Mr Steven Umbach

Thanks for the info.

Rgds
-----Original Message-----
Pptp uses a less secure encryption protocol than l2tp to be sure but still
considered secure enough for the vast majority of users. Be sure to use a
complex password for pptp as the password for initial authentication is not
protected by the vpn tunnel though if you are using mschapv2 you should be fine.
As far as 3DES and l2tp/ipsec, the keys used for encryption are changed often
enough that even if the session was cracked it would only yield a small amount
of data for a tremendous amount of effort that would probably be old enough to
be useless by then. I use pptp a lot and do not worry about it. Those trying to
crack vpn traffic would be going after high profile targets, definitley not
e. --- Steve





.
Click to expand...
 
Back
Top