The pfSense Store

Author Topic: PPTP has been cracked - stop using it and migrate ASAP  (Read 21275 times)

0 Members and 1 Guest are viewing this topic.

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4949
  • Karma: +195/-40
  • Debugging...
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #15 on: September 16, 2013, 01:50:12 am »
You can use PPTP til your hearts content - Good luck with that.

Personally, I say why complicate the matter.  Use no encryption at all if you are going to run weak encryption.

I don't really mind if some government wants to take a stab at confiscating 300 million computers - they can try.

Might be problematic for them.

But why make it stupid simple by running something like PPTP and making it ridiculously easy?


Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #16 on: September 16, 2013, 02:11:29 am »
The problem is that no matter what you run, its easy for the right people to crack it.

What you want is protection from the villain who passes by temporary. They usually scan your network as a preattack measure to see whats there. When thats done, Snort kills the connection  and blocks the IP forever. Then they cant connect to your VPN anyway and therefore cant crack it. If you run a server with VPN, you can also set it up to block the offender for extended periods of time before beeing able to try again.

If thats so, then they just move on since they want easy targets unless you have something very valuable on your servers that needs 2nd level authentication anyway....

So I dont get the fuss about this?
Kind regards Brian


Offline m4f1050

  • Full Member
  • ***
  • Posts: 125
  • Karma: +0/-0
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #17 on: September 16, 2013, 02:15:59 am »
I just wish they would put PPTP back the way it was before, I was able to connect with my unrooted Toshiba Excite 10 using PPTP...   :-/

Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #18 on: September 16, 2013, 02:18:51 am »
I upgraded one of the VPN servers to 2.1 and connected using PPTP with no issues. So its fine on 2.1 upgraded from 2.0.3.
Kind regards Brian


Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4949
  • Karma: +195/-40
  • Debugging...
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #19 on: September 16, 2013, 02:23:35 am »
I hear you - You want protection from the bad guys who plan to steal from you or do something bad to your stuff.

From that point of view, I'd say you are relatively safe with most things other than PPTP.

I'm one of these crazy people that want it to cost 20MW hours for someone to read a harmless chat from me to my buddy.

If they want it they may get it but I want it to cost so much resources its not convenient to do on a mass scale.

I'm just weird that way.

Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #20 on: September 16, 2013, 02:38:16 am »
I understand. What do you use to chat with?
Kind regards Brian


Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4949
  • Karma: +195/-40
  • Debugging...
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #21 on: September 16, 2013, 02:41:47 am »
My own XMPP server  - If not my own encryption would be absolutely pointless wouldn't it? 


Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #22 on: September 16, 2013, 02:48:08 am »
:D The funny shit here is that it would take anybody 22 seconds to get their hands on anything you have worked on.

It takes a Glock and a doorbell!

Given that, we do want the same but have different levels of "I dont give a shit" :D

If they want, they can take it easily and we can do nothing about it.

We want protection from the Chinese dude that sits in Beijing University and cracks the shit out of SQL servers and hosted game servers.

What we also need is not to kidd ourselfes ;)
Kind regards Brian


Offline m4f1050

  • Full Member
  • ***
  • Posts: 125
  • Karma: +0/-0
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #23 on: September 16, 2013, 07:38:59 am »
:D The funny shit here is that it would take anybody 22 seconds to get their hands on anything you have worked on.

It takes a Glock and a doorbell!

Given that, we do want the same but have different levels of "I dont give a shit" :D

If they want, they can take it easily and we can do nothing about it.

We want protection from the Chinese dude that sits in Beijing University and cracks the shit out of SQL servers and hosted game servers.

What we also need is not to kidd ourselfes ;)

Funny!

A bit off subject but I have to get it out of my chest!

Chinese dudes are very sneaky!  I've learned my lesson...  They work the systems out...  I lost over $250 buying from China.   Our EMS is *VERY* expensive and it's the only way you can return items that are trackable, sometimes doubling the cost of the item you purchased.  So what do they do?  Tell you to ship Airmail, no tracking after it leaves the US, so eGay/PayTurd doesn't refund you jack and you lose 1. What you paid for, 2. The item you bought and 3. The Airmail (still expensive shipping!)  Same goes for every merchant website.  They added the "US Only" checkbox on location now on eBay so you don't buy from China if you are aware of this..  What a shame...  I got tricked twice buying from China, they like to send you defective stuff.

Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #24 on: September 16, 2013, 08:46:18 am »
I know... :D

The good shit is that a lot of european businesses has blacklistet China completely. Thats why we see the bubble in China in the near future...
Kind regards Brian


Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4949
  • Karma: +195/-40
  • Debugging...
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #25 on: September 16, 2013, 08:54:57 am »
Iím not seeing that happening either...   That would require some serious common sense on our part, and we seem to be seriously lacking in that department, which is how we got to this point with China to begin with.  But I digress...


Offline m4f1050

  • Full Member
  • ***
  • Posts: 125
  • Karma: +0/-0
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #26 on: September 16, 2013, 09:02:28 am »
I agree with the "bubble" theory, soon they will alert EVERYONE how they work the system out and soon they will probably add a "BLOCK OVERSEAS" and always on feature on most websites, which they should.  Always using clone chips that go bad, clone this clone that, no copyright laws so you don't even know you are getting a knockoff clone item until you receive it and then it's too late.. :)

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #27 on: September 16, 2013, 09:13:32 am »
This is amusing. If you do NOT care about encryption being just plain useless, may I suggest using L2TP instead and moving on?
Do NOT PM for help!

Offline m4f1050

  • Full Member
  • ***
  • Posts: 125
  • Karma: +0/-0
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #28 on: September 16, 2013, 10:31:26 am »
This is amusing. If you do NOT care about encryption being just plain useless, may I suggest using L2TP instead and moving on?

I think I have an issue with my provider with L2TP blocking, I know PPTP used to work...

Offline ever

  • Newbie
  • *
  • Posts: 2
  • Karma: +1/-0
    • View Profile
Re: PPTP has been cracked - stop using it and migrate ASAP
« Reply #29 on: December 02, 2013, 04:11:00 pm »
I'm from China. For me, PPTP is still useful circumventing that *stupid* national firewall. I don't care if some black hats decrypt the traffic as it's not "sensitive". All I want is to access some top ranked sites the way they are meant to be. Yes, technically I can use IPSec or OpenVPN. The former requires VPS providers to compile optional kernel modules or provide full virtualization, which are either unfeasible or unnecessarily expensive. The latter has been actively blocked for just over 2 years now and requires obfuscation to achieve acceptable reliability.

I bet most people in this forum wouldn't even consider anything above. If only I had the expertise to contribute patches.

:D The funny shit here is that it would take anybody 22 seconds to get their hands on anything you have worked on.

It takes a Glock and a doorbell!

Given that, we do want the same but have different levels of "I dont give a shit" :D

If they want, they can take it easily and we can do nothing about it.

We want protection from the Chinese dude that sits in Beijing University and cracks the shit out of SQL servers and hosted game servers.

What we also need is not to kidd ourselfes ;)

Funny!

A bit off subject but I have to get it out of my chest!

Chinese dudes are very sneaky!  I've learned my lesson...  They work the systems out...  I lost over $250 buying from China.   Our EMS is *VERY* expensive and it's the only way you can return items that are trackable, sometimes doubling the cost of the item you purchased.  So what do they do?  Tell you to ship Airmail, no tracking after it leaves the US, so eGay/PayTurd doesn't refund you jack and you lose 1. What you paid for, 2. The item you bought and 3. The Airmail (still expensive shipping!)  Same goes for every merchant website.  They added the "US Only" checkbox on location now on eBay so you don't buy from China if you are aware of this..  What a shame...  I got tricked twice buying from China, they like to send you defective stuff.

As for these accusations, I hope you don't take a part for the whole. I myself is a victim. If you want to take it out on someone, try finding out who's actually responsible. Don't blame some random people you don't even know exist. China is not your wholly owned subsidiary and "Chinese dudes" are not your customer support representatives.

Peace out.
« Last Edit: December 02, 2013, 04:13:45 pm by ever »