{SPAM?} [Asterisk-Users] Asterisk VIA SSH Tunnels

Michael Graves mgraves at mstvp.com
Fri Oct 15 03:50:43 MST 2004


On Fri, 15 Oct 2004 11:12:30 +0900, Benjamin on Asterisk Mailing Lists
wrote:

>On Thu, 14 Oct 2004 16:50:39 -0400, steve szmidt <steve at szmidt.org> wrote:
>> Please don't use PPTP as a security solution, because it really isn't. It's so
>> flawed you can even connect to it without having ANY encryption. Microsoft
>> with their never ending wisdom have incorporated design flaws that make
>> cryptographers and security professionals distrust it, and recommend against
>> its use.
>
>Er, what's the news? Doesn't this apply to ANY product they make?

Nonetheless, PPTP is widely deployed in corporate VPNs. You can allow
unencrypted connections, but there is a setting to force encryption and
even force encryption strength to 128 bits.

I accept that it's not supremely secure. More advanced solutions are
preferable. Buit it's included in every Windoze system and dead simple
to setup. I think of it as about a secure as the WEP in my wirless lan.
It discourages casual hacks of convenience, but that's about it.

Michael

--
Michael Graves                           mgraves at pixelpower.com
Sr. Product Specialist                          www.pixelpower.com
Pixel Power Inc.                                 mgraves at mstvp.com

o713-861-4005
o800-905-6412
c713-201-1262

"We're here for a good time, not a long time. So have a good time,
the sun can't shine every day." - Trooper
 
** Tag(s) inserted by Bandit Tagger98 - http://www.gbar.dtu.dk/~c918704





More information about the asterisk-users mailing list