|
Home > Archive > VPN > February 2006 > How Secure Is The Built-In VPN Client/Server in XP?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
How Secure Is The Built-In VPN Client/Server in XP?
|
|
| monkey.omen@gmail.com 2005-12-29, 2:47 am |
| I'm very new to VPNs (ie, less than 48 hours) and I just set up a
simple VPN between two XP computers, and was surprised how easy it was.
On my end, I have an XP Home laptop running the built-in VPN server -
it shows up in Network Connections under "Incoming" and is set to:
- allow callers to access my local area network
- specifiy TCP/IP addresses from 10.0.0.1 through 10.0.0.10
- allow calling computer to specify its own IP address
On the other end is an XP Professional laptop that is set up as a
client - it shows up in Network Connections under "Virtual Private
Network" and calls itself a WAN Miniport (PPTP) device.
When the client connects, it logs in without complaint, gets the
address of 10.0.0.4 and is able to communicate with the server at
10.0.0.1. I'm assuming this is all done over the encrypted tunnel
between the two systems.
I have these questions:
Regarding the client setup, under the "security" tab of the properties
dialog, under the "Advanced (custom settings)" area, there are a few
options. What is the difference between these two options under data
encryption?
- require encryption (disconnect if server declines)
- Maximum strength encryption (disconnect if server declines)
I'm looking for bits, algorithm, differences in key exchange, etc. I'm
no crypto expert but I did read Applied Cryptography while staying at a
Holiday Inn Express once, so I'm not completely clueless.
Are XP's VPN client/server believed to be reasonably secure, or are
they like so many other Windows products in that there are constant
streams of bugs, endless vulnerabilities, poor implementations of good
ideas, etc that hinder security?
I'm not going to send nuclear bomb plans over this connection (I have
carrier pigeons for that) but I'd like to know whether or not the
Windows XP VPN software is worthwhile, or if it's just pretend security
that uses triple-ROT13.
Thank you in advance.
| |
|
| monkey.omen@gmail.com wrote:
> I'm very new to VPNs (ie, less than 48 hours) and I just set up a
> simple VPN between two XP computers, and was surprised how easy it was.
>
> On my end, I have an XP Home laptop running the built-in VPN server -
> it shows up in Network Connections under "Incoming" and is set to:
> - allow callers to access my local area network
> - specifiy TCP/IP addresses from 10.0.0.1 through 10.0.0.10
> - allow calling computer to specify its own IP address
>
> On the other end is an XP Professional laptop that is set up as a
> client - it shows up in Network Connections under "Virtual Private
> Network" and calls itself a WAN Miniport (PPTP) device.
>
> When the client connects, it logs in without complaint, gets the
> address of 10.0.0.4 and is able to communicate with the server at
> 10.0.0.1. I'm assuming this is all done over the encrypted tunnel
> between the two systems.
>
>
> I have these questions:
>
> Regarding the client setup, under the "security" tab of the properties
> dialog, under the "Advanced (custom settings)" area, there are a few
> options. What is the difference between these two options under data
> encryption?
> - require encryption (disconnect if server declines)
> - Maximum strength encryption (disconnect if server declines)
> I'm looking for bits, algorithm, differences in key exchange, etc. I'm
> no crypto expert but I did read Applied Cryptography while staying at a
> Holiday Inn Express once, so I'm not completely clueless.
>
>
> Are XP's VPN client/server believed to be reasonably secure, or are
> they like so many other Windows products in that there are constant
> streams of bugs, endless vulnerabilities, poor implementations of good
> ideas, etc that hinder security?
>
>
> I'm not going to send nuclear bomb plans over this connection (I have
> carrier pigeons for that) but I'd like to know whether or not the
> Windows XP VPN software is worthwhile, or if it's just pretend security
> that uses triple-ROT13.
>
> Thank you in advance.
>
This explains a bit
http://www.microsoft.com/technet/pr...e48df8a0e9.mspx
simon
| |
|
| If I may ask a question of you please......
I am trying to setup a VPN between my home and office PC.
Windows XP explains how to setup this PC to connect for the outbound
connection, but doesn't say much of anything about what to setup on my
remote PC at the office to receive and accept my connection!
I have setup the VPN connection here, entered the IP address of the office
PC and used my Windows logo ID and password... yet I am unable to connect.
It is rejected as soon as I click connect.
Can you help and/or Is there any sites that explain all the steps in
detail for setting up both ends!
much thanks
Jane
<monkey.omen@gmail.com> wrote in message
news:1135845912.846722.181910@g47g2000cwa.googlegroups.com...
> I'm very new to VPNs (ie, less than 48 hours) and I just set up a
> simple VPN between two XP computers, and was surprised how easy it was.
>
> On my end, I have an XP Home laptop running the built-in VPN server -
> it shows up in Network Connections under "Incoming" and is set to:
> - allow callers to access my local area network
> - specifiy TCP/IP addresses from 10.0.0.1 through 10.0.0.10
> - allow calling computer to specify its own IP address
>
> On the other end is an XP Professional laptop that is set up as a
> client - it shows up in Network Connections under "Virtual Private
> Network" and calls itself a WAN Miniport (PPTP) device.
>
> When the client connects, it logs in without complaint, gets the
> address of 10.0.0.4 and is able to communicate with the server at
> 10.0.0.1. I'm assuming this is all done over the encrypted tunnel
> between the two systems.
>
>
> I have these questions:
>
> Regarding the client setup, under the "security" tab of the properties
> dialog, under the "Advanced (custom settings)" area, there are a few
> options. What is the difference between these two options under data
> encryption?
> - require encryption (disconnect if server declines)
> - Maximum strength encryption (disconnect if server declines)
> I'm looking for bits, algorithm, differences in key exchange, etc. I'm
> no crypto expert but I did read Applied Cryptography while staying at a
> Holiday Inn Express once, so I'm not completely clueless.
>
>
> Are XP's VPN client/server believed to be reasonably secure, or are
> they like so many other Windows products in that there are constant
> streams of bugs, endless vulnerabilities, poor implementations of good
> ideas, etc that hinder security?
>
>
> I'm not going to send nuclear bomb plans over this connection (I have
> carrier pigeons for that) but I'd like to know whether or not the
> Windows XP VPN software is worthwhile, or if it's just pretend security
> that uses triple-ROT13.
>
> Thank you in advance.
>
|
|
|
|
|