PPTP is a protocol (a set of communication rules) that allows corporations to extend their own corporate network through private channels over the public Internet. With this method, a corporation uses the global network as one large local area network. The company does not need to lease its own lines for broadband and can instead reliably use public networks. This type of connection is called a virtual private network (VPN).
Because PPTP is an extension of the Point-to-Point Protocol (PPP), any PC user with PPP client support can use an independent service provider (ISP) to connect securely to a server elsewhere (that is, through remote access). PPTP is one of the most likely proposals to serve as the basis for a new Internet Engineering Task Force (IETF) standard.
The specification was first introduced to the public in July 1999 and was developed by a subsidiary of Microsoft Ascend Communications (today part of Alcatel-Lucent). PPTP was not accepted and standardized by the Internet Engineering Task Force. A PPTP tunnel is set up by communicating with the peer on TCP port 1723. This TCP connection is then used to initiate and manage the tunnel to the peer.
The format of the PPTP GRE packet is not standard: it includes a new acknowledgement number field that replaces the typical routing field. However, as in a conventional GRE connection, these modified GRE packets are encapsulated directly in IP packets and are carried as IP protocol number 47. The GRE tunnel is used to transfer PPP packets. In the Microsoft implementation, tunneled PPP traffic can be authenticated using PAP, CHAP, or MS-CHAP v1/v2.
PPTP has been the subject of many security analyses, and major security vulnerabilities have been identified in the protocol. They relate to the underlying PPP authentication protocols, the design of the MPPE protocol, and the integration between MPPE and PPP authentication to establish a session.
PPTP has a number of known vulnerabilities. It is no longer considered secure, since the original MS-CHAPv2 authentication can be broken by cracking a single 56-bit DES key. It is prone to MITM attacks, in which an attacker can perform an offline attack to obtain the RC4 key and decrypt the traffic. PPTP is also vulnerable to bit-flipping attacks: an attacker can modify PPTP packets without being detected. OpenVPN with AES encryption is a much safer choice.
MS-CHAP-v1 is fundamentally insecure. There are known tools for trivially extracting NT password hashes from a captured MS-CHAP-v1 exchange.
With MS-CHAP-v1, MPPE uses the same RC4 session key for encryption in both directions of the communication flow. This allows cryptanalysis with standard methods by XORing the streams from each direction together.
MS-CHAP-v2 is vulnerable to dictionary attacks on captured challenge-response packets. There are basic tools for carrying out this process quickly.
In 2012, an online service was also demonstrated that is capable of decrypting an MS-CHAP-v2 MD4 passphrase in 23 hours. MPPE uses the RC4 stream cipher. There is no way to authenticate the ciphertext stream, and therefore it is vulnerable to a bit-flipping attack. An attacker can modify the stream in transit and adjust individual bits to change the output stream without the possibility of detection. These bit flips can be detected by the protocols themselves by means of checksums or other means.
EAP-TLS is considered the best authentication choice for PPTP. However, it requires a public key infrastructure for client and server certificates. It is therefore not a viable authentication option for some remote access installations.