nanog mailing list archives
Re: PPP over Ethernet?
From: John Fraizer <John.Fraizer () EnterZone Net>
Date: Fri, 05 Jun 1998 17:34:07 -0400
At 05:40 PM 6/4/98 -0400, you wrote:
Give me 10 minutes with a sniffer and a few nifty tools and not only can I find the PPTP session but, take control. Now, *I* have access to your file on that NiceTry Server.
<http://www.counterpane.com/pptp.html> of course.
No, actually, this is a tool that a close friend wrote while working on a test harness for the PPTP protocol. It seems that MS PPTP doesn't quite work as advertized and it was necessary to sniff a ton of sessions to determine the protocol and write the state machine to interface to something other than Winblows as a client or server. I suppose that "releasing" the crack will bring with it notoriety in the community if that's what you're after. Personally, I find it more gratifying to know it can be done and have the prowess to do it than to provide the code to every bored 13y/o on the planet via anonymous ftp.
According to my Microsoft insider, "depends what the client is. If it's NT and uses the NTLM hash, it's quite secure. If it's 9x and uses the LM hash, it's easy to crack. Basically the deal is that 9x clients use a shitty old hash method that's really easy to sniff and crack."
The session hijacked was NT<->NT. With 3DES/Blowfish/etc freely available, why does MS feel the need to _attempt_ to write their own encryption?
Supposedly there are patches that close the holes, but PPTP still doesn't appear to have been designed nicely to begin with.
---START PATCH.BAT---
;patch.bat
echo "Please insert Linux Bootable Installation CD in CD drive."
pause "Press <ENTER> when ready."
echo "This process may take several minutes depending on the speed of your computer"
pause "Please press CTRL-ALT-DEL to begin the patch process..."
---END PATCH.BAT---
-------
John Fraizer (root)          |    __   _                 |
The System Administrator     |   / /  (_)__  __ ____  __ | The choice
mailto:root () EnterZone Net |  / /__/ / _ \/ // /\ \/ / | of a GNU
http://www.EnterZone.Net/    | /____/_/_//_/\_,_/ /_/\_\ | Generation
A 486 is a terrible thing to waste...