PPTP VPN SECURITY RISKS
PPTP is Microsoft’s VPN implementation that has been around since Windows NT. User’s tend to like using PPTP as it’s typically configured on Windows Desktops with a shortcut that remembers username and password for quick access. When coupled with proper name resolution (historically WINS) and now DNS, users can easily browse the network for shares and printers. On the back-end Windows Server PPTP is configured by the system administrator with the Routing and Remote Access role (RRAS). While the tools used to manage and deploy PPTP Systems have changed with each new version of Windows it’s universally agreed that PPTP is insecure as compared to modern alternatives and adds additional indirect support costs even when upgraded to support SSTP.
The PPTP protocol itself is no longer considered secure as cracking the initial MS-CHAPv2 authentication can be reduced to the difficulty of cracking a single DES 56-bit key, which with current computers can be brute-forced in a very short time (making a strong password largely irrelevant to the security of PPTP as the entire 56-bit keyspace can be searched within practical time constraints).
The attacker capture the handshake (and any PPTP traffic after that), do an offline crack of the handshake and derive the RC4 key. Once the RC4 key is derived the attacker will be able to decrypt and analyse the traffic carried in the PPTP VPN. PPTP does not support forward secrecy, so just cracking one PPTP session is sufficient to crack all prior PPTP sessions using the same credentials.
PPTP provides weak protection to the integrity of the data being tunneled. The RC4 cipher, while providing encryption, does not verify the integrity of the data as it is not an Authenticated Encryption with Associated Data (AEAD) cipher. PPTP also doesn’t do additional integrity checks on its traffic and is vulnerable to bit-flipping attacks, e.g. the attacker can modify the PPTP packets with little possibility of detection. Various discovered attacks on the RC4 cipher (such as the Royal Holloway attack) make RC4 a bad choice for securing large amounts of transmitted data, and VPNs are a prime candidate for such attacks as they typically transmit sensitive and large amounts of data.
Security experts have reviewed PPTP and listed numerous known vulnerabilities including:
- MS-CHAP-V1 is fundamentally insecure. Tools exist that can easily extract the NT Password hashes from MS-CHAP-V1 authentication traffic. MS-CHAP-V1 is the default setting on older Windows Servers
- MS-CHAP-V2 is vulnerable to dictionary attacks on captured challenge response packets. Tools exist to crack these exchanges rapidly
- It has been demonstrated that the complexity of a brute-force attack on a MS-CHAP-v2 key is equivalent to a brute-force attack on a single DES key.
Additional Support Costs Associated with PPTP & Microsoft VPN Client include:
- By default, an end user’s Windows network is routed through the office VPN network. As a result, this leaves the internal network open to Malware and slows down all internet for all users at the office.
- PPTP is typically blocked at many locations due to the known security issues resulting in calls to the help desk to resolve connectivity issues.
- Conflicts with office internal subnets at remotes sites can block Microsoft VPN routing resulting in no connectivity and again leading to additional support costs.
- Minor network fluctuations can disconnect the Microsoft VPN client while in use corrupting files leading to restores and lost work.
- The IT Department will need to maintain an additional fleet of corporate laptops with Microsoft VPN preconfigured for each potential remote user.
- Crypto Locker type malware are free to encrypt files over the VPN tunnel
In contrast with MyWorkDrive the security risks of supporting Microsoft PPTP or SSTP VPN’s are eliminated: User’s get an elegant easy to use Web File Manager client accessible from any browser. IT Support costs are eliminated – user’s simply logon with their existing Windows Active Directory credentials or use ADFS SSO to access company shares, home drives and edit/view documents online. Additionally, Mobile Client’s for Android/iOS and MyWorkDrive Desktop Mapped Drive clients are available. For security all MyWorkDrive clients support DUO Two Factor authentication.