PPTP versus L2TP and possible attacks
From: James D. Stallard (james_at_leafgrove.com)
Date: 02/11/04
- Previous message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-006 patch.. error in verbage?"
- Next in thread: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Reply: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Reply: Chris Gianelloni: "Re: PPTP versus L2TP and possible attacks"
- Maybe reply: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <focus-ms@securityfocus.com> Date: Wed, 11 Feb 2004 19:19:19 -0000
Hi
I have recently deployed a VPN Server using Microsoft RRAS. RRS is the
preferred technology because there are few anticipated users and the
software is free :)
The VPN Server sits behind the corporate firewall and operates fine,
accepting incoming connections reliably.
I am rather new to the VPN game (I usually design Active Directory
infrastructures) and set up both L2TP and PPTP protocols for convenience
sake while the client pilots the solution. My questions are therefore:
1. Which is the better tunnelling protocol in terms of security and
functionality, L2TP or PPTP, and why?
2. Is the community aware of any exploits that could be levelled against the
firewall with the following ports opened to support VPNs?
L2TP requires: Protocol 50, UDP 4500, UDP 500
PPTP requires: Protocol 47, TCP 1723
3. Anything else I should know?
All advice is appreciated
Thanks in advance
Regards
James D. Stallard
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
---------------------------------------------------------------------------
- Previous message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-006 patch.. error in verbage?"
- Next in thread: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Reply: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Reply: Chris Gianelloni: "Re: PPTP versus L2TP and possible attacks"
- Maybe reply: Patrick Power: "Re: PPTP versus L2TP and possible attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
