TY - JOUR
T1 - PPTP VPN: An Analysis of the Effects of a DDoS Attack
AU - Jones, Joshua
AU - Wimmer, Hayden
AU - Haddad, Rami
PY - 2020/3/5
Y1 - 2020/3/5
N2 - Personal Point-to-Point (PPTP) Virtual Private Network is widely used in small businesses and operations using legacy systems. In this paper, a default VPN gateway is set up and configured for a Direct Access PPTP VPN on a Windows Server 2016 machine running Routing, Remote Access, and Active Directory to permit Windows 10 client connectivity. Then a client is configured to connect remotely to this VPN over a network. On this same network, four Kali Linux machines are attacking the client with an Hping3 Denial-of-Service attack, which floods the client with packets to disrupt the service. In doing this, it is shown how the VPN itself handles the attack and what it does to protect the user from further attacks. While the client is under attack, it is found that the VPN would not establish a connection. Additionally, if the client is already connected to the VPN and is attacked, the VPN disconnects the client. This is accompanied by near-complete network instability and packet loss which correlates to the notorious insecurity of PPTP and explains why other protocols have become more widely implemented.
AB - Personal Point-to-Point (PPTP) Virtual Private Network is widely used in small businesses and operations using legacy systems. In this paper, a default VPN gateway is set up and configured for a Direct Access PPTP VPN on a Windows Server 2016 machine running Routing, Remote Access, and Active Directory to permit Windows 10 client connectivity. Then a client is configured to connect remotely to this VPN over a network. On this same network, four Kali Linux machines are attacking the client with an Hping3 Denial-of-Service attack, which floods the client with packets to disrupt the service. In doing this, it is shown how the VPN itself handles the attack and what it does to protect the user from further attacks. While the client is under attack, it is found that the VPN would not establish a connection. Additionally, if the client is already connected to the VPN and is attacked, the VPN disconnects the client. This is accompanied by near-complete network instability and packet loss which correlates to the notorious insecurity of PPTP and explains why other protocols have become more widely implemented.
UR - https://digitalcommons.georgiasouthern.edu/information-tech-facpubs/106
UR - https://doi.org/10.1109/SoutheastCon42311.2019.9020514
U2 - 10.1109/SoutheastCon42311.2019.9020514
DO - 10.1109/SoutheastCon42311.2019.9020514
M3 - Article
JO - IEEE SoutheastCon 2019 Conference Proceeding
JF - IEEE SoutheastCon 2019 Conference Proceeding
ER -