Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Your opinions ... more info
From: Drew Simonis <dsimonis () FIDERUS COM>
Date: Tue, 31 Oct 2000 14:17:01 -0500

"St. Clair, James" wrote:

I'd say stick the VPN. I agree, afaik Win2k makes VPNs fairly simple. Your
client seems neither willing or able to truly take on the significance of
handling certificates that precludes the emperor from being without clothes.


Am I the only one who is of the mind that VPN is not congruent to an
authentication scheme?  From the OP's specifications, his VPN model
still used a certificate based auth method:

VPN Solution:
Windows 2000 Server and Windows 2000 clients was the solution I was
recommending as a stronger solution.  Given what I have read, I could not
see where this solution would add any support burden over the certificate
solution.  This solution uses  client/server IP tunneling with PPTP/L2TP,
MS-CHAP v.2, and certificate authentication.

Either way, he is authenticating via cert.  Either way, he plans
to use SSL.  What advantage does PPTP offer to this solution?
What about PPTP makes the administration of this solution easier?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]