Firewall Wizards mailing list archives
Re: Gauntlet & NTLM (PPTP weekness)
From: "Ge' Weijers" <ge () progressive-systems com>
Date: Tue, 14 Oct 1997 15:13:01 -0400 (EDT)
Chris,
> The way MPPE deals with this is by sending a coherency count with each packet. So, when you receive a packet you check its coherency count, and if it is one greater than the last packet received, then you use your existing RC4 context. This is safe. The problem arises if a packet is dropped. When this happens, the receiver of the packet sends back a CCP Reset-Request. The sender then reinitializes its RC4 context. There are a couple of ways to attack based on this. One is that you could forge CCP Reset-Requests back to a client, causing it to continue to send packets out with a reinitialized RC4 context.
I have to agree with you on this one. I had not read the specs closely enough. If a congested WAN link causes retransmissions, even a passive snooper may learn things. An active attack is very simple: just flood the net with CCP Reset packets. PP[T]P definitely needs a better encryption protocol. Doing it right would have been so trivial: instead of using a coherency count they could have used the actual offset in the stream, mod. 2^N. No reset messages would have been necessary.

Ge'
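The two synchronization designs discussed in this exchange, modelled side by side as an added example (not code from the post, and not the real MPPE/CCP wire format): a toy RC4 keystream with a constructed session key, a "coherency count" sender that re-keys from the same session key on a Reset-Request, and an "offset mod 2^N" sender/receiver pair in which the receiver simply skips its keystream forward to the offset carried in the header. The packet header layouts, key and payloads are all assumptions made for the demo.

```python
"""Toy model of MPPE-style stream-cipher synchronization (added example).

  * coherency count + CCP Reset-Request: on reset the sender re-initialises
    RC4 from the unchanged session key, so the keystream starts over and the
    same keystream bytes encrypt new plaintext;
  * stream offset mod 2^N in each packet: the receiver advances its own
    keystream to the offset in the packet, so a dropped packet needs no reset
    and no keystream byte is ever used twice.
Key, packet layout and payloads are constructed for the demo.
"""


class RC4Stream:
    """Plain RC4 keystream generator that remembers how far it has advanced."""

    def __init__(self, key: bytes):
        S = list(range(256))
        j = 0
        for i in range(256):  # key-scheduling algorithm
            j = (j + S[i] + key[i % len(key)]) & 0xFF
            S[i], S[j] = S[j], S[i]
        self.S, self.i, self.j, self.pos = S, 0, 0, 0

    def take(self, n: int) -> bytes:
        out = bytearray()
        for _ in range(n):  # pseudo-random generation algorithm
            self.i = (self.i + 1) & 0xFF
            self.j = (self.j + self.S[self.i]) & 0xFF
            self.S[self.i], self.S[self.j] = self.S[self.j], self.S[self.i]
            out.append(self.S[(self.S[self.i] + self.S[self.j]) & 0xFF])
        self.pos += n
        return bytes(out)

    def seek(self, offset: int) -> None:
        """Advance (never rewind) to an absolute keystream offset."""
        if offset < self.pos:
            raise ValueError("would rewind keystream: refusing to reuse bytes")
        self.take(offset - self.pos)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


SESSION_KEY = b"constructed-session-key"  # constructed, not a real key


class CoherencySender:
    """Scheme the post describes: per-packet count, full re-key on Reset-Request."""

    def __init__(self, key: bytes):
        self.key, self.count, self.ks = key, 0, RC4Stream(key)

    def send(self, plaintext: bytes):
        pkt = (self.count, xor(plaintext, self.ks.take(len(plaintext))))
        self.count = (self.count + 1) & 0xFFF  # 12-bit count, assumed for the demo
        return pkt

    def reset_request(self) -> None:
        # Re-initialising from the same session key restarts the keystream at 0.
        self.ks = RC4Stream(self.key)


class OffsetSender:
    """Ge's suggestion: carry the stream offset (mod 2^N) instead of a count."""

    def __init__(self, key: bytes):
        self.ks = RC4Stream(key)

    def send(self, plaintext: bytes):
        offset = self.ks.pos & 0xFFFFFFFF  # N = 32 assumed for the demo
        return (offset, xor(plaintext, self.ks.take(len(plaintext))))


class OffsetReceiver:
    def __init__(self, key: bytes):
        self.ks = RC4Stream(key)

    def recv(self, pkt) -> bytes:
        offset, body = pkt
        self.ks.seek(offset)  # skip whatever keystream a lost packet consumed
        return xor(body, self.ks.take(len(body)))


def reset_causes_keystream_reuse() -> bool:
    """After a Reset-Request the two ciphertexts XOR to the XOR of the plaintexts."""
    s = CoherencySender(SESSION_KEY)
    p1, p2 = b"first packet ....", b"second packet ..."
    _, c1 = s.send(p1)
    s.reset_request()  # a Reset-Request (legitimate or not) arrived
    _, c2 = s.send(p2)
    return xor(c1, c2) == xor(p1, p2)


def offset_scheme_survives_loss() -> bytes:
    """Drop the middle packet; the offset lets the receiver resync with no reset."""
    s, r = OffsetSender(SESSION_KEY), OffsetReceiver(SESSION_KEY)
    pkts = [s.send(b"packet A"), s.send(b"packet B (lost)"), s.send(b"packet C")]
    r.recv(pkts[0])
    return r.recv(pkts[2])  # pkts[1] never arrives


def offset_scheme_never_reuses() -> bool:
    """Same plaintext twice still gets different keystream bytes."""
    s = OffsetSender(SESSION_KEY)
    _, c1 = s.send(b"same plaintext")
    _, c2 = s.send(b"same plaintext")
    return c1 != c2


if __name__ == "__main__":
    print("reset => keystream reuse:", reset_causes_keystream_reuse())
    print("offset scheme decrypts C after loss:", offset_scheme_survives_loss())
    print("offset scheme reuses keystream:", not offset_scheme_never_reuses())
```

The `seek` refusing to rewind is the whole point of the offset design: the receiver can only ever move forward through the keystream, so a lost or replayed packet cannot make either side encrypt fresh data under keystream bytes that were already used, which is exactly what the re-key-on-reset scheme does.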