What is PPTP
Point-to-Point-Tunneling Protocol is an honorable inductee of the virtual private networking Hall of Fame. PPTP is an outdated protocol that is no longer in use, mainly due to the fact that in the modern state of technology, it poses quite a few significant security issues. PPTP employs both Generic Routing Encapsulating (GRE) and the Transmission Control Protocol (TCP) for transferring Point-to-Point (PPP) data packets. The greatest security concern with PPTP is that it relies heaving on PPP tunneling for all its security functions. It doesn’t possess any authentication and encryption features, which has been pointed out as its main vulnerability.
History of PPTP
This wasn’t a big concern at first when PPTP was originally introduced in 1999 under the name RFC 2637. A work-group from Microsoft, Ascend Communications (currently a part of Nokia), 3Com and other players in the digital market developed the protocol. It was originally shipped with many Microsoft products and because of that was used by the majority of early Internet users. The way Microsoft implemented the protocol, all PPP tunneled traffic by PPTP can be in theory authenticated with PAP, CHAP, and MS-CHAP v1/v2. At the end of the day, the Internet Security Task Force did not consider PPTP for ratification due to its shortcomings.