PPTP VPN: An Analysis of the Effects of a DDoS Attack

Personal Point-to-Point (PPTP) Virtual Private Network is widely used in small businesses and operations using legacy systems. In this paper, a default VPN gateway is set up and configured for a Direct Access PPTP VPN on a Windows Server 2016 machine running Routing, Remote Access, and Active Directory to permit Windows 10 client connectivity. Then a client is configured to connect remotely to this VPN over a network. On this same network, four Kali Linux machines are attacking the client with an Hping3 Denial-of-Service attack, which floods the client with packets to disrupt the service. In doing this, it is shown how the VPN itself handles the attack and what it does to protect the user from further attacks. While the client is under attack, it is found that the VPN would not establish a connection. Additionally, if the client is already connected to the VPN and is attacked, the VPN disconnects the client. This is accompanied by near-complete network instability and packet loss which correlates to the notorious insecurity of PPTP and explains why other protocols have become more widely implemented.

[1]  Evangelos P. Markatos,et al.  Exclusive: How the (synced) Cookie Monster breached my encrypted VPN session , 2018, EuroSec@EuroSys.

[2]  Josef Horalek,et al.  Effective penetration testing with Metasploit framework and methodologies , 2014, 2014 IEEE 15th International Symposium on Computational Intelligence and Informatics (CINTI).

[3]  Ghizlane Orhanou,et al.  VPN IPSEC & SSL technology Security and management point of view , 2012, 2012 Next Generation Networks and Services (NGNS).

[4]  Himanshu Gupta,et al.  A New Approach for the Security of VPN , 2016, ICTCS.

[5]  Thaier Hayajneh,et al.  Penetration testing: Concepts, attack methods, and defense strategies , 2016, 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT).

[6]  S.S. Kolahi,et al.  Performance Evaluation of Virtual Private Network Protocols in Windows 2003 Environment , 2008, 2008 International Conference on Advanced Computer Theory and Engineering.

[7]  Shaneel Narayan,et al.  Network Performance Analysis of VPN Protocols: An Empirical Comparison on Different Operating Systems , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[8]  Atsushi Kara,et al.  A DoS-vulnerability analysis of L2TP-VPN , 2004, The Fourth International Conference onComputer and Information Technology, 2004. CIT '04..

[9]  Shaneel Narayan,et al.  Cyber security attacks on network with transition mechanisms , 2015, 2015 International Conference on Computing and Network Communications (CoCoNet).

[10]  Luo Zhiyong,et al.  Research of A VPN secure networking model , 2013, Proceedings of 2013 2nd International Conference on Measurement, Information and Control.