Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Win2k - Linux VPN


On Thu, Mar 13, 2003 at 05:14:58PM +1100, Phil Scarratt wrote:

> My concern with the PPTP path is the reported security issues:

It's actually MS's implementation that's flawed rather than PPTP itself.
However, the most likely reason for using PPTP is Windows clients and
that means MS's implementation.

Bruce Schneier has analysed it and found it to be severely flawed, and
recommends IPSEC instead.  That's good enough for me.  From
http://www.counterpane.com/pptp-faq.html:

    3. How bad is it?

        Very. Microsoft PPTP is very broken, and there's no real way to
        fix it without taking the whole thing down and starting over.
        This isn't just one problem, but six different problems, any
        one of which breaks the protocol.



Cheers,

John
-- 
whois !JC774-AU@xxxxxxxxxxxxxxx
GPG key id: 0xD59C360F
http://kirriwa.net/john/