...and you can do this without being first authenticated by the NT server
providing the VPN service?
Brian Steele
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Jimi Aleshin" <[EMAIL PROTECTED]>
Cc: "J. T. B." <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, December 14, 1999 9:44 AM
Subject: Re: MS PPTP (Safe?)
>
>
>
> One thing to remember, protocol 47 is GRE (Generic Route Encapsulation).
> Remember the days of disabling
> Source Route Forwarding at the TCP Layer ????
> GRE is in it's basic form, the very same thing at the IP layer.
>
> What does this mean ????
>
> Well, I could send a GRE packet that contains another protocol in its
payload.
> This could be, for example, NETBIOS.
> I could then use a GRE stream to browse your Windows NT domain.
>
> Please review RFC 1702 paying strong attention to the section on IP Source
Route
>
> http://www.ietf.org/rfc/rfc1702.txt
>
> After you read the RFC, you may want to consider the risks associated with
it.
>
>
>
>
>
>
>
> "Jimi Aleshin" <[EMAIL PROTECTED]> on 12/13/99 05:45:38 PM
>
> Please respond to "Jimi Aleshin" <[EMAIL PROTECTED]>
>
> To: "J. T. B." <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> cc: (bcc: Jerry Kendall/Inc/Celestica)
>
> Subject: Re: MS PPTP (Safe?)
>
>
>
>
> It is an implementation of PPP over TCP. This means that a user must
already
> have an Internet connection. The technology creates a second virtual PPP
> network adapter. By using the native PPP authentication and encryption
> services, the technology is easily implemented using existing technology.
> Originally developed by Microsoft, U.S. Robotics (now 3Com), Ascend, and
> other remote access companies.
> In 1998, a severe flaw was found in PPTP's authentication scheme. This was
> fixed in MS-CHAP V2 of Microsoft's implementation.
> When setting up a PPTP server, you must enable port 1723 and protocol 47
> through the firewall.
> So try it out.
>
> /Jimi Aleshin
> Mail: [EMAIL PROTECTED]
> ICQ: 26180172
>
> ----- Original Message -----
> From: J. T. B.
> To: [EMAIL PROTECTED]
> Sent: Monday, December 13, 1999 01:09 PM
> Subject: MS PPTP (Safe?)
>
>
>
> I'm looking at building a secure VPN and was wondering if Microsoft's PPTP
> was any good? I had heard some very bad things about it. Have they
cleaned
> it up, or should I look elsewhere?
>
> Thanks!
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
