Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to ask what are the advantages that may exist using Poptop?
I can be run very easily. In my opinion, it is not very much secured. However it is very easy to configure compared to openvpn, and it works pretty well.
PopTop is a server implementation of the Point-to-Point Tunneling Protocol (PPTP).
PPTP is Microsoft's invention, and it was their VPN protocol of choice until a few years ago. It uses MSCHAPv2 authentication and GRE tunneling with a particular RC4-based encryption scheme called MPPE (Microsoft Point-to-Point Encryption).
The MSCHAPv2 handshake has a fatal flaw that makes it possible for a listening third-party to find a PPTP password hash relatively quickly using a brute-force algorithm. And although there's no easy way to turn a password hash into a plaintext password, another weakness in the MSCHAPv2 algorithm ("password-equivalent hashes" - now there's a contradiction in terms) means you don't actually need the password to authenticate. The hash will do just fine.
This means one should not use PPTP over an unsecured network. As PPTP is a VPN protocol, it's main use is precisely for setting up VPN tunnels over public, insecure networks, so that means PPTP is fundamentally broken.
In other words: Don't use PPTP, which means don't use PopTop.
PopTop is a server implementation of the Point-to-Point Tunneling Protocol (PPTP).
PPTP is Microsoft's invention, and it was their VPN protocol of choice until a few years ago. It uses MSCHAPv2 authentication and GRE tunneling with a particular RC4-based encryption scheme called MPPE (Microsoft Point-to-Point Encryption).
The MSCHAPv2 handshake has a fatal flaw that makes it possible for a listening third-party to find a PPTP password hash relatively quickly using a brute-force algorithm. And although there's no easy way to turn a password hash into a plaintext password, another weakness in the MSCHAPv2 algorithm ("password-equivalent hashes" - now there's a contradiction in terms) means you don't actually need the password to authenticate. The hash will do just fine.
This means one should not use PPTP over an unsecured network. As PPTP is a VPN protocol, it's main use is precisely for setting up VPN tunnels over public, insecure networks, so that means PPTP is fundamentally broken.
In other words: Don't use PPTP, which means don't use PopTop.
THANK YOU
On an intranet, behind the firewall, there is not much dangers, right? So, what about ssh and forwarding the port?
If you do such operation, it might be secured, isnt it?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.