At 20:15 7/08/97 -0400, Russ wrote:
>Microsoft's implementation of PPTP allows for PPP to use MS-CHAP, a
>challenge response authentication based on RC4. Only a hash is
>transmitted if this option is used, not a password.
Indeed MS-CHAP is really nice in a full Microsoft environment (even
if it is not an RFC ;-) ).
In a non-100% MS-* environment, MS-CHAP is difficult to use:
1) I do not know of any MS-CHAP client (i.e. peer) implementation
besides Microsoft Windows-*
2) MS-CHAP is based on the LAN Manager or Win NT password hashes,
so the authenticator implementation must have either the hash (e.g.
from the Windows NT SAM database) or have the password in the clear
in order to compute the hash on the fly (it is thus not possible
to reuse /etc/passwd or to one-way encrypt the password info).
...<snip>... points on encryption removed
>I believe it would be possible to use SecurID over a normal PPTP dial-up
>connection since SecurID will work with RAS, but I haven't personally
>tried it. If anyone has, I'd appreciate hearing from them. I'll be
>testing this myself soon. Assuming it does work (and I don't see any
>technical reasons that are insurmountable to making it work), then you
>could have stronger one-time hardware token authentication in the
>scenario, much much better.
Not sure about SecurID, but beware that most token card servers
must receive the user password in clear text to do the authentication
testing... so the only PPP authentication method is PAP (i.e. in clear
text) and neither CHAP nor MS-CHAP.
Anyway, it does not matter that much since the sniffed PAP password
cannot be re-used due to the nature (one-time password) of the token
cards ;-)
>If someone has already got software that can decapsulate and decrypt
>128-bit PPTP GRE data, I'd be interested in hearing it, otherwise I'd
>call it a boast. As for stealing passwords from an authentication
>session, NT to NT with the LM-fix applied preventing LM hashes from
>being accepted or offered is, imo, a reasonable authentication mechanism
>for those that can accept non-one-time token authentication mechanisms.
Network Telesystems, http://www.nts.com, provides the TunnelBuilder line of
PPTP clients for Win 3.x and Macintosh.
Just my 0.25 BEF
-eric
Eric Vyncke
Technical Consultant Cisco Systems Belgium SA/NV
Phone: +32-2-778.4677 Fax: +32-2-778.4300
E-mail: evyncke@cisco.com Mobile: +32-75-312.458
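Added example, not part of the thread: the authenticator-side requirement from point 2 above, shown with RFC 1994 MD5-CHAP standing in for MS-CHAP (the same structural constraint applies: the server must recompute the response, so it needs the secret or a password-equivalent hash, not a one-way salted store), next to PAP verified against a one-way salted record as the /etc/passwd-style contrast. The secret, challenges and salt are constructed sample values.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # illustrative work factor for the one-way PAP store


def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: Response = MD5(Identifier || Secret || Challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_verify(ident: int, stored_secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Authenticator side: it must recompute the response, so it needs the
    secret itself (for MS-CHAP, the LM/NT password hash). A one-way salted
    hash of the secret cannot be used here."""
    expected = chap_response(ident, stored_secret, challenge)
    return hmac.compare_digest(expected, response)


def pap_store(password: bytes, salt: bytes = b"") -> tuple:
    """PAP delivers the password itself, so the authenticator can keep only
    a one-way salted hash (PBKDF2 here), the way /etc/passwd does."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ROUNDS)


def pap_verify(record: tuple, password: bytes) -> bool:
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


def demo() -> dict:
    """Run both flows with constructed values and report each outcome."""
    secret = b"correct horse"                    # constructed sample password
    chal1 = bytes.fromhex("0011223344556677")    # constructed challenges
    chal2 = bytes.fromhex("8899aabbccddeeff")
    # CHAP: a sniffed response is bound to its challenge and does not replay.
    resp1 = chap_response(1, secret, chal1)
    results = {
        "chap_ok": chap_verify(1, secret, chal1, resp1),
        "chap_replay_fails": not chap_verify(2, secret, chal2, resp1),
    }
    # PAP: the store is one-way, but a sniffed password replays unless it was
    # a one-time token value (the point made about token cards above).
    record = pap_store(secret, salt=b"\x00" * 16)
    results["pap_ok"] = pap_verify(record, secret)
    results["pap_replay_succeeds"] = pap_verify(record, secret)
    results["pap_wrong_fails"] = not pap_verify(record, b"wrong")
    return results
```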