Configuring the Win98 PPTP Client
Win98 includes PPTP, so you can easily install PPTP from the Win98 CD-ROM.
In Control Panel, open the Add/Remove Programs applet and select the Windows 98 Setup tab. Then, select Communications, Dial-Up Networking, Virtual Private Networking, General. You can use the DUN wizard to create a new profile for your PPTP server, as Screen 2, page 118, shows.
The Server Types tab has more options in Win98 than in Win95. You need to select Require encrypted password and Require data encryption, as Screen 3, page 118, shows, for the PPTP session to function properly.
When the PPTP session is running, Win98 displays more details about the
connection than either Win95 or NT does. As Screen 4 shows, the Protocols list confirms that CHAP authenticated the PPTP session, Microsoft Point-to-Point Compression (MPPC) is compressing data sent over the PPTP link, and Microsoft Point-to-Point Encryption (MPPE) is encrypting the data. The Protocols list also shows which network protocols are running over the PPTP session.
Logging PPTP Information
The System event log records each attempt to connect to a PPTP server. (For information about NT's event logs, see Michael D. Reilly, "Windows NT Event Viewer," November 1998.) The System log tells you who is using PPTP and what type of encryption they are using (40-bit or 128-bit). If the client connects using 128-bit encryption, the log records a strong connection. The log does not generate a similar message (i.e., weak) for 40-bit connections. The log shows the username and port number for each successful connection, as Screen 5 shows. When you disconnect a PPTP session, the system logs a summary.
Examining Network Traffic
Verifying PPTP operation is simple. You can use various network analyzers to
confirm network traffic encryption and determine the type of encryption. For
example, the Microsoft Network Monitor listens on the network and captures
traffic between the PPTP client and server. Microsoft's Systems Management
Server (SMS) includes a complete version of Network Monitor. This version
listens for traffic between any computers on the network. (NT Server also
includes a limited version of Network Monitor that captures traffic only between
the computer running Network Monitor and other computers.)
Screen 6 shows a capture of a Telnet session running over an unencrypted
network. The lower right pane shows the plain ASCII text, which typically
includes the username and password (in plain text) at the beginning of the
session.
Screen 7 shows a capture of the same Telnet traffic running over a PPTP session. The
payload is encrypted and looks like meaningless garbage, and you cannot even
tell which application protocol is in use. Hiding the protocol denies a hostile
user the starting point of an attack tailored to a particular application, because
the eavesdropper sees only MPPE-encrypted PPP frames inside the GRE tunnel.
To understand how PPTP handles encryption and authentication, you need to be
familiar with two Internet Engineering Task Force (IETF) documents: Microsoft
Point-To-Point Encryption (MPPE) Protocol
(ftp://ftp.ietf.org/internet-drafts/draft-ietf-pppext-mppe-02.txt) and
Microsoft PPP CHAP Extensions (ftp://ftp.ietf.org/internet-drafts/draft-ietf-pppext-mschap-00.txt). Microsoft's Web site
contains outdated versions of these documents. At press time, Microsoft
announced pending availability of updated documentation. The documents describe
the encryption scheme (MPPE) and authentication scheme (MS CHAP) that PPTP uses.
Network engineers who want to implement PPTP and systems administrators who want
to examine network traffic will find these documents useful.
The Microsoft Point-To-Point Encryption (MPPE) Protocol document
describes how encryption is negotiated at the beginning of a PPTP session. You
can use this information to verify the type of encryption (40-bit or 128-bit) in
use on a PPTP session.
The section of the MPPE document you see in Figure 1, page 121, describes
how the Compression Control Protocol (CCP) negotiates MPPE options. The PPTP
server and client suggest encryption types to each other. If they find one that
they both support, they agree to use it. If they fail to find a common scheme,
they abort the PPTP session. The Type field identifies which CCP option
negotiates encryption.
You can use this information to set up a Network Monitor filter that
displays only the packets you are interested in (e.g., only CCP packets with a
Configuration Option Type of 18), as Screen 8, page 121, shows. Start Network
Monitor, and start the PPTP session. You can then capture the beginning of the
PPTP session, where all options are negotiated. After you capture the packets
you want, stop Network Monitor and PPTP. Then, apply the filter to the captured
traffic. Screen 9 shows a packet I captured.
The relevant data in Screen 9 is the four octets (8-bit values) in
hexadecimal form listed next to CCP: Values (i.e., 00 00 00 20). To decipher
these numbers, consult the section of the MPPE document in Figure 2 (edited for
clarity).
This description tells you to focus on the least significant octet, which is the right-most 8 bits. In my example packet in Screen 9, only the L bit is set, so the octet has a value of 0x20 in hexadecimal form or 00100000 in binary form, indicating 40-bit encryption.
For a 128-bit example, see Screen 10. In this packet, the S bit (0x40, 128-bit encryption) and the C bit (0x01, MPPC compression) are both set, so the octet has a value of 0x41 in hexadecimal form or 01000001 in binary form.
As the MPPE document excerpt in Figure 3 shows, the PPTP session tries to negotiate the strongest form of encryption first (128-bit) and reverts to 40-bit encryption if it is the only scheme that both ends support. If the encryption negotiation fails, the PPTP session fails.
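The decoding described above can be automated instead of read off a Network Monitor screen. The following Python program is an added example, not code from the article or from Microsoft: it parses a CCP packet, extracts the four-octet Supported Bits field from Configuration Option Type 18, reports which of the L, S and C bits are set, and models the negotiation outcome the MPPE document describes (strongest common scheme wins, no common scheme means failure). The packets it decodes are constructed to match the two captures discussed on the page, not real traffic. The H (stateless) and M (56-bit) bit positions are taken from the later RFC 3078 version of the MPPE document and are not mentioned on this page; they are included so the decoder is not surprised by them.

```python
"""Decode the MPPE Supported Bits field carried in CCP option type 18 and
model the key-length negotiation. Added example, not the article's own code.
Sample packets are constructed, not captured."""
import struct

CCP_CONFIGURE_REQUEST = 1   # CCP code for Configure-Request (RFC 1962)
CCP_OPTION_MPPE = 18        # Configuration Option Type carrying MPPE/MPPC bits

# Bit masks in the 32-bit Supported Bits word (MPPE draft / RFC 3078).
BIT_H = 0x01000000  # stateless mode (not discussed on the page)
BIT_M = 0x00000080  # 56-bit encryption (not discussed on the page)
BIT_S = 0x00000040  # 128-bit encryption
BIT_L = 0x00000020  # 40-bit encryption
BIT_C = 0x00000001  # MPPC compression desired


def parse_ccp_options(ccp_payload):
    """Split a CCP packet (Code, Identifier, Length, Options...) into
    (code, identifier, [(option_type, option_data), ...]).
    Length fields are validated so a malformed packet cannot run past the end."""
    if len(ccp_payload) < 4:
        raise ValueError("CCP header truncated")
    code, ident, length = struct.unpack("!BBH", ccp_payload[:4])
    if length < 4 or length > len(ccp_payload):
        raise ValueError("CCP length field inconsistent with packet")
    options, pos = [], 4
    while pos < length:
        if length - pos < 2:
            raise ValueError("option header truncated")
        opt_type, opt_len = ccp_payload[pos], ccp_payload[pos + 1]
        if opt_len < 2 or pos + opt_len > length:
            raise ValueError("option length out of range")
        options.append((opt_type, ccp_payload[pos + 2:pos + opt_len]))
        pos += opt_len
    return code, ident, options


def mppe_supported_bits(ccp_payload):
    """Return the 32-bit Supported Bits word from option type 18, or None if
    the packet carries no MPPE option."""
    _code, _ident, options = parse_ccp_options(ccp_payload)
    for opt_type, data in options:
        if opt_type == CCP_OPTION_MPPE:
            if len(data) != 4:
                raise ValueError("MPPE option must carry exactly four octets")
            return struct.unpack("!I", data)[0]
    return None


def describe_bits(bits):
    """Name the flags set in a Supported Bits word."""
    return {
        "H_stateless": bool(bits & BIT_H),
        "M_56bit": bool(bits & BIT_M),
        "S_128bit": bool(bits & BIT_S),
        "L_40bit": bool(bits & BIT_L),
        "C_mppc": bool(bits & BIT_C),
    }


def negotiate_key_length(offered, supported):
    """Model the outcome of the CCP exchange: the strongest key length both
    sides support is chosen (128 before 56 before 40); None means the
    negotiation, and therefore the PPTP session, fails."""
    common = offered & supported
    for mask, key_len in ((BIT_S, 128), (BIT_M, 56), (BIT_L, 40)):
        if common & mask:
            return key_len
    return None


def build_ccp_configure_request(ident, bits):
    """Construct a CCP Configure-Request carrying only the MPPE option."""
    option = struct.pack("!BBI", CCP_OPTION_MPPE, 6, bits)
    header = struct.pack("!BBH", CCP_CONFIGURE_REQUEST, ident, 4 + len(option))
    return header + option


# Constructed packets matching the two captures described on the page:
# Values 00 00 00 20 (L bit only) and 00 00 00 41 (S and C bits).
PKT_40BIT = build_ccp_configure_request(1, 0x00000020)
PKT_128BIT = build_ccp_configure_request(2, 0x00000041)

if __name__ == "__main__":
    for name, pkt in (("Screen 9 style", PKT_40BIT), ("Screen 10 style", PKT_128BIT)):
        bits = mppe_supported_bits(pkt)
        print(f"{name}: Supported Bits = {bits:08x} -> {describe_bits(bits)}")
    print("server S|L, client L   ->", negotiate_key_length(BIT_S | BIT_L, BIT_L))
    print("server S|L, client S|L ->", negotiate_key_length(BIT_S | BIT_L, BIT_S | BIT_L))
    print("server S only, client L only ->", negotiate_key_length(BIT_S, BIT_L))
```

To use it on a real capture, export the CCP packet bytes from Network Monitor (the PPP protocol field 0x80FD marks CCP) and pass them to mppe_supported_bits; a result whose S bit is clear while the session is up means the link fell back to 40-bit encryption, which is exactly the case the System log does not flag with a "strong" message. The negotiation function only models the end result; the real exchange is a Configure-Request/Configure-Nak sequence that converges on a single key length.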
Using Network Monitor or another network-analysis tool lets you verify the operation of software on your system. You do not have to take the vendor's word that your data is encrypting properly.