Definition of these VPN services

Discussion in 'privacy technology' started by Victek, Jan 24, 2012.

Thread Status:
Not open for further replies.
  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    I'm considering one of these two VPN packages and could use some help understanding what the different features mean. OpenVPN is included in the more expensive option. Given what is already in option "1" why might I want OpenVPN SSL? This is for security when using open WiFi in coffee shops, not for walking on the wild side :cautious: TIA

    1) PPTP, L2TP, IPSEC

    2) OpenVPN SSL, PPTP, L2TP, IPSEC
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    I suggest that you start by reading the the Wikipedia pages for each of those.

    It's an odd choice, in my opinion. OpenVPN is open source, yet you need the more expensive version to get it. IPsec is complicated to set up, or so I've heard, yet it's part of the less expensive option.

    I'm not at all familiar with L2TP. According to Wikipedia: "Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it passes within the tunnel to provide privacy." But according to Cisco: "The Layer 2 Tunnel Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF) standard that combines the best features of two existing tunneling protocols: Cisco's Layer 2 Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP)". -http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/l2tpT.html
     
  3. Higashi

    Higashi Registered Member

    Joined:
    Jan 26, 2009
    Posts:
    6
  4. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Thanks, this page answers my question quite well.
     
  5. marktor

    marktor Registered Member

    Joined:
    Dec 4, 2011
    Posts:
    143
    lots of differences but the bottom line is PPTP is susceptible to bruteforce attacks OpenVPN is not. OpenVPN is even more secure if your VPN provider uses Perfect Forward Secrecy. Information on PPTP bruteforcing see here: http://hak5.org/hack/hacking-pptp-vpns-with-asleap
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    That's what I've always believed. But what about the Cisco page that I referenced? It seems to claim that L2TP is PPTP routed through L2F. Does that make it less susceptible to bruteforce attacks?
     
  7. marktor

    marktor Registered Member

    Joined:
    Dec 4, 2011
    Posts:
    143
    It appears that L2TP is much more secure that PPTP the guy that wrote a tool that can brute force PPTP recommended switching to L2TP. See here: http://www.zdnet.com/blog/ou/pptp-vpn-authentication-protocol-proven-very-susceptible-to-attack/21


    L2TP seems to be pretty secure but still is not nearly as secure as OpenVPN as far as encryption strength and many other things.
     
Loading...
Thread Status:
Not open for further replies.