RE: PPTP viability (was RE: Gauntlet & NTLM)

["Ge' Weijers" <ge () progressive-systems com>]

Phil,

> 2. PPTP 128-bit (MPPE) is still flawed. (though no one has given any solid
> evidence to this, except to allude to the M$ track record, and current PPTP
> 40-bit problems)

I have a grave suspicion that MPPE uses the same key in both
directions. MPPE uses RC4, a stream cipher, and it's therefor insecure,
because if the two ciphertexts are exclusive-ored you get the
exclusive-ored plaintexts. With a bit of guesswork an attacker can gain
a lot of information.

Windows NT does not have good support for security out of the box. I
don't have any experience with the other products you named, I use SSH
for most purposes.


Ge' Weijers                                Voice: (614)326 4600
Progressive Systems, Inc.                    FAX: (614)326 4601
2000 West Henderson Rd. Suite 400
Columbus, OH 43220           http://www.Progressive-Systems.com