Link to home
Start Free TrialLog in
Avatar of Roger Alcindor
Roger Alcindor

asked on

How insecure is PPTP

Is PPTP really so insecure ? If using VPN access to a server that has PPTP VPN access configured on it then is the only weakness the strength of the user account passwords or are there other issues ?
I am using Windows server 2008 R2.
Please do not suggest L2TP or other tunnelling protocols, I know that they are more secure.
Avatar of Rob Williams
Rob Williams
Flag of Canada image

PPTP has always been considered rather week security but recently a flaw in MSChapv2, the most secure authentication protocol used with PPTP, indicates it is even less secure than we previously believed.
http://blogs.technet.com/b/srd/archive/2012/08/20/weaknesses-in-ms-chapv2-authentication.aspx
PPTP is the least secure VPN solution.

You can even purchase a PPTP hack on line.
http://www.h-online.com/security/features/A-death-blow-for-PPTP-1716768.html
Avatar of Roger Alcindor
Roger Alcindor

ASKER

If remote VPN access to a particular server was between a wired (not wireless) host and a wired server where there was no wireless Ethernet then how likely is it that hackers could gain access to the traffic between the end user ISP connections ? am I correct to say that any hackers would need to be on either the servers network or the remote user's network ?
ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I am now considering the use of a Cisco RV180 router at the server end and Cisco Quick-VPN client software for remote users (road warriors).

Thanks for your Help