Threat Research, Trending and analysis for normal humans
Monday, July 30, 2012
PPTP VPN is Critically Vulnerable.
Moxie Marlinspike does it again. The eclectic hacker who previously brought you SSLStrip now has released (@ Defcon 20) a utility and advisory on cracking MSCHAPv2 which powers most PPTP VPN.
Get the code here: https://github.com/moxie0/chapcrack
Suggestion is to migrate to OpenVPN for a more secure VPN setup.
Also if your bored read some of his excellent stories