1 / 73

PPTP

PPTP. Generic Routing Encapsulation Example uses. In conjunction with PPTP to create VPNs. Network address translation SNAT.

bisa
Télécharger la présentation

PPTP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PPTP https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  2. Generic Routing Encapsulation Example uses • In conjunction with PPTP to create VPNs. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  3. Network address translation SNAT • Microsoft's Secure network address translation (SNAT) is part of Microsoft's Internet Security and Acceleration Server and is an extension to the NAT driver built into Microsoft Windows Server. It provides connection tracking and filtering for the additional network connections needed for the FTP, ICMP, H.323, and PPTP protocols as well as the ability to configure a transparent HTTP proxy server. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  4. OSI model - Examples • 5 Session ISO/IEC 8327, X.225, ISO/IEC 9548-1, X.235 Sockets. Session establishment in TCP, RTP, PPTP ASP, ADSP, PAP NWLink DLC? Named pipes, NetBIOS, SAP, half duplex, full duplex, simplex, RPC, SOCKS https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  5. Layer 2 Tunneling Protocol - History • Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for Point-to-Point communication: Cisco's Layer 2 Forwarding Protocol (L2F) and USRobotics Point-to-Point Tunneling Protocol (PPTP) https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  6. Layer 2 Tunneling Protocol - Implementations • Open source and Linux: xl2tpd, Linux RP-L2TP, OpenL2TP, l2tpns, l2tpd (inactive), Linux L2TP/IPsec server, FreeBSD multi-link PPP daemon, OpenBSD npppd(8), ACCEL-PPP - PPTP/L2TP/PPPoE server for Linux https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  7. Layer 2 Tunneling Protocol - Internet standards and extensions • RFC 2637 Point-to-Point Tunneling Protocol (PPTP) (a predecessor to L2TP) https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  8. Telecommunications in Syria - Internet censorship • Voice over Internet Protocol (VoIP) is blocked completely and requires a proxy or Virtual Private Network (VPN) to work around it. However, VoIP operators that utilize non-standard Session Initiation Protocol (SIP) ports may function behind Syria's proxy. VPN Access using the Point-to-Point Tunneling Protocol (PPTP) is also blocked. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  9. Virtual private network - Plaintext tunnels • Besides the GRE example above, native plaintext tunneling protocols include Layer 2 Tunneling Protocol (L2TP) when it is set up without IPsec and Point-to-Point Tunneling Protocol (PPTP) or Microsoft Point-to-Point Encryption (MPPE). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  10. Virtual private network - Trusted delivery networks • Layer 2 Tunneling Protocol (L2TP) which is a standards-based replacement, and a compromise taking the good features from each, for two proprietary VPN protocols: Cisco's Layer 2 Forwarding (L2F) (obsolete as of 2009) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  11. Telecommunications in Algeria - Anonymous involvement • They also will require authorization for any type of Virtual Private Network (VPN) technology (for example; PPTP, L2TP, GRE Tunneling, OpenVPN, and most other protocols that allow you protect your information) https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  12. Point-to-Point Tunneling Protocol • The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  13. Point-to-Point Tunneling Protocol • However, the most common PPTP implementation shipping with the Microsoft Windows product families implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  14. Point-to-Point Tunneling Protocol - Specification • A specification for PPTP was published in July 1999 as RFC 2637 and was developed by a vendor consortium formed by Microsoft, Ascend Communications (today part of Alcatel-Lucent), 3Com, and others. PPTP has not been proposed nor ratified as a standard by the IETF. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  15. Point-to-Point Tunneling Protocol - Specification • A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a second GRE tunnel to the same peer. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  16. Point-to-Point Tunneling Protocol - Specification • The PPTP GRE packet format is non standard, including an additional acknowledgement field replacing the typical routing field in the GRE header. However, as in a normal GRE connection, those modified GRE packets are directly encapsulated into IP packets, and seen as IP protocol number 47. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  17. Point-to-Point Tunneling Protocol - Implementations • The Routing and Remote Access Service for Microsoft Windows contains a PPTP server https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  18. Point-to-Point Tunneling Protocol - Implementations • Windows Vista and later support the use of PEAP with PPTP. The authentication mechanisms supported are PEAPv0/EAP-MSCHAPv2 (passwords) and PEAP-TLS (smartcards and certificates). Windows Vista removed support for using the MSCHAP-v1 protocol to authenticate remote access connections. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  19. Point-to-Point Tunneling Protocol - Implementations • There is also ACCEL-PPP – PPTP/L2TP/PPPoE server for Linux which supports PPTP in kernel-mode. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  20. Point-to-Point Tunneling Protocol - Implementations • OS X and iOS are bundled with a PPTP client. Cisco and Efficient Networks sell PPTP clients for older Mac OS releases. Palm PDA devices with Wi-Fi are bundled with the Mergic PPTP client. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  21. Point-to-Point Tunneling Protocol - Implementations • Many different Mobile phones with Android as the operating system support PPTP as well. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  22. Point-to-Point Tunneling Protocol - Security • PPTP has been the subject of many security analyses and serious security vulnerabilities have been found in the protocol. The known vulnerabilities relate to the underlying PPP authentication protocols used, the design of the MPPE protocol as well as the integration between MPPE and PPP authentication for session key establishment. PPTP is (as of October 2012) considered cryptographically broken and its use is no longer recommended by Microsoft. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  23. Point-to-Point Tunneling Protocol - Security • EAP-TLS is seen as the superior authentication choice for PPTP; however, it requires implementation of a Public Key Infrastructure for both client and server certificates. As such it is not a viable authentication option for many remote access installations. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  24. m0n0wall - Derivatives • m0n0wall mod: Original m0n0wall with additional features (DHCP+PPTP, DHCP+PPPoE, static+PPPoE, L2TP, WAN eth interface). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  25. pfSense - Features • Virtual Private Networks using IPsec, L2TP, OpenVPN, or PPTP https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  26. Vyatta - Release History • 4.0 April 2008 Historical Glendale Eureka 2.6.23 New CLI, PPTP and L2TP VPN servers, PPPoE client, DHCP client, WAN load balancing, ECMP (Equal Cost Multipath Routing), user roles. XORP replaced with quagga. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  27. Point-to-point protocol - Derived protocols • PPTP is a form of PPP between two hosts via GRE using encryption (MPPE) and compression (MPPC). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  28. M0n0wall - Features • *IPsec and Point-to-point tunneling protocol|PPTP Virtual private network|VPNs https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  29. M0n0wall - Derivatives • * [http://code.google.com/p/m0n0wall-mod/ m0n0wall mod]: Original m0n0wall with additional features (DHCP+PPTP, DHCP+PPPoE, static+PPPoE, L2TP, WAN eth interface). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  30. VPN - Plaintext tunnels • Besides the GRE example above, native plaintext tunneling protocols include Layer 2 Tunneling Protocol|Layer 2 Tunneling Protocol (L2TP) when it is set up without IPsec and Point-to-Point Tunneling Protocol|Point-to-Point Tunneling Protocol (PPTP) or Microsoft Point-to-Point Encryption|Microsoft Point-to-Point Encryption (MPPE). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  31. VPN - Trusted delivery networks • Valencia et al., May 1998 (obsolete ) and Microsoft's Point-to-Point Tunneling Protocol (PPTP).[http://www.ietf.org/rfc/rfc2637.txt Point-to-Point Tunneling Protocol (PPTP)], RFC 2637, K https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  32. Windows Mobile - Features • Windows Mobile support virtual private networking (VPN) over PPTP protocol https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  33. OpenVZ - Limitations • OpenVZ is limited to the providing only some VPN technologies based on PPP (such as PPTP/L2TP) and TUN/TAP. IPsec is supported inside containers since kernel 2.6.32. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  34. Windows 98 - Networking enhancements • Windows 98 Dial-Up Networking supports Point-to-Point Tunneling Protocol|PPTP tunneling, support for ISDN adapters, multilink support, and connection-time scripting to automate non-standard login connections https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  35. Mentor Graphics - Products • ***Nucleus Point-to-Point Tunneling Protocol (PPTP) software https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  36. EComStation - Version 1.1 • Various other enhancements such as built-in support for PPPoE and PPtP Internet connections were also provided. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  37. Jornada (PDA) - Jornada 728 • It runs on the Windows CE 3.0 based Handheld PC 2000 and contains a slightly higher OS revision than the 710 or 720, providing the user with native PPTP VPN functionality https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  38. Generic Routing Encapsulation - Example uses • * In conjunction with Point-to-point tunneling protocol|PPTP to create VPNs. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  39. Windows NT 4.0 Embedded - Features • The server editions of Windows NT 4.0 include Internet Information Services 2.0, Microsoft FrontPage 1.1, Windows Media Services|NetShow Services, Remote Access Service (which includes a Point-to-Point Tunneling Protocol|PPTP server for VPN functionality) and Multi-Protocol Routing service https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  40. Windows NT 4.0 Embedded - Service packs • The service packs also added a multitude of new features such as newer versions of or improvements to Internet Information Services, public-key and certificate authority functionality, user accounts and user profile improvements, smart card support, improved symmetric multiprocessing (SMP) scalability, clustering capabilities, Component Object Model|COM support improvements, User Profile Disk Quotas, Event Log service, Security Configuration Manager Microsoft Management Console|MMC snap-in, MS-CHAPv2 and NTLMv2, Server Message Block|SMB packet signing, SYSKEY, Windows NT startup process|boot improvements, Windows Internet Naming Service|WINS improvements, Routing and Remote Access Service (RRAS), Point-to-Point Tunneling Protocol|PPTP, DCOM/HTTP tunneling improvements, IGMPv2, Windows Management Instrumentation|WMI, Microsoft Active Accessibility|Active Accessibility and NTFS 3.0 support among others.[http://web.archive.org/web/19990117055557/http://www.microsoft.com/ntserver/nts/exec/overview/NT4SP4whatnew.asp What's New in Windows NT 4.0 Service Pack 4?] https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  41. Ciphertext-only attack • *Early versions of Microsoft's Point-to-point tunneling protocol|PPTP virtual private network software used the same RC4 key for the sender and the receiver (later versions had other problems). In any case where a stream cipher like RC4 is used twice with the same key it is open to ciphertext-only attack. See: stream cipher attack https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  42. David A. Wagner • * 1999 Cryptanalysis of Microsoft's Point-to-point tunneling protocol|PPTP tunnelling protocol (with Bruce Schneier and Peiter Zatko|Mudge). https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  43. Cryptographic engineering - Inherent zero-defect requirement • Examples: Netscape random bug found at UC Berkeley, Microsoft's PPTP protocol implementation problems found by Schneier. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  44. Comparison of firewalls - Non-Firewall extra features comparison • VPN (Virtual Private Network) Types are: PPTP, L2TP, MPLS, IPsec, SSL/SSH. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  45. ClearOS - Features • * Virtual private networking (IPSEC, PPTP, OpenVPN) https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  46. L2TP - History • Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for Point-to-Point communication: Cisco Systems, Inc.|Cisco's Layer 2 Forwarding Protocol (L2F) and USRobotics Point-to-Point Tunneling Protocol (PPTP) https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  47. Ipsectrace • Although its main purpose is to monitor ipsec traffic, ipsectrace can be used to crack extra layers of security brought about by VPN implementations of security such as ipsec and Secure Shell|SSH, whereas programs such as Anger, Deceit, and Ettercap can be used to infiltrate PPTP security. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  48. List of wireless router firmware projects - Minor projects • Supports captive portal, 802.1Q VLAN support, IPv6 support, stateful packet filtering, NAT/PAT, DHCP, PPPoE/PPTP on WAN interface, IPsec VPN tunnels with support for hardware crypto cards and mobile clients and certificates, PPTP VPN with RADIUS server support, static routes, DHCP server/relay, SNMP agent, traffic shaper, Wake on LAN and firmware upgrade in browser https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  49. PPTP • The 'Point-to-Point Tunneling Protocol' ('PPTP') is a method for implementing virtual private networks. PPTP uses a control channel over Transmission Control Protocol|TCP and a Generic Routing Encapsulation|GRE tunnel operating to encapsulate Point-to-Point Protocol|PPP packets. PPTP is considered cryptographically broken and its use is no longer recommended by Microsoft. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

  50. PPTP • A specification for PPTP was published in July 1999 as RFC 2637RFC 2637 and was developed by a vendor consortium formed by Microsoft, Ascend Communications (today part of Alcatel-Lucent), 3Com, and others. PPTP has not been proposed nor ratified as a standard by the IETF. https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

More Related