wrote PPTP section

author cm <cm@coretec.at>

Fri, 22 Nov 2013 20:22:37 +0000 (21:22 +0100)

committer cm <cm@coretec.at>

Fri, 22 Nov 2013 20:22:37 +0000 (21:22 +0100)
author cm <cm@coretec.at>
Fri, 22 Nov 2013 20:22:37 +0000 (21:22 +0100)
committer cm <cm@coretec.at>
Fri, 22 Nov 2013 20:22:37 +0000 (21:22 +0100)
diff --git a/src/practical_settings.tex b/src/practical_settings.tex

index 6575c91..8e11488 100644 (file)
--- a/src/practical_settings.tex
+++ b/src/practical_settings.tex
@@ -924,7 +924,14 @@ cipher AES-256-CBC   # AES
  \todo{what about auth sha512 ?}
  
  \subsubsection{PPTP}
-\todo{cm: please write this subsubsection}
+
+PPTP is broken, Microsoft recommends to ``use a more secure VPN
+tunnel''\footnote{\url{http://technet.microsoft.com/en-us/security/advisory/2743314}}.
+
+There is a cloud service that cracks the underlying MS-CHAPv2
+authentication protocol for the price of USD~200\footnote{\url{https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/}},
+and given the resulting MD4 hash, all PPTP traffic for that user can
+be decrypted.
  
  \subsubsection{Cisco IPSec}
  \todo{write this subsubsection}