TCP Dangerous Remote Access

Port 1723 (PPTP)

Learn about port 1723 (PPTP) - security risks, vulnerabilities, and common uses. Find devices with port 1723 open.

Quick Info

Port Number

1723

Protocol

TCP

Service

PPTP

IANA Name

PPTP

Service Description

TCP port 1723 is the standard port for Point-to-Point Tunneling Protocol (PPTP), a method for implementing virtual private networks (VPNs). PPTP, developed by Microsoft in the late 1990s, creates a tunnel over a TCP/IP network to encapsulate PPP (Point-to-Point Protocol) frames, allowing remote clients to securely connect to a private network. The protocol uses TCP port 1723 for connection management and control, while GRE (Generic Routing Encapsulation, protocol 47) handles the actual data transfer. The client initiates a TCP connection to the server on port 1723. Once the connection is established, PPTP uses this channel to negotiate encryption and authentication parameters. After the negotiation, GRE is used to encapsulate the PPP frames, providing a secure channel for data transmission. PPTP authenticates users using various methods, including Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), and Microsoft CHAP (MS-CHAP).

## Firewall Recommendations

Due to the inherent security weaknesses of PPTP, it is generally recommended to block TCP port 1723 and GRE protocol 47 unless absolutely necessary. If PPTP must be used, it should be replaced with a more secure VPN protocol such as OpenVPN, IPsec, or WireGuard. If blocking is not possible, ensure that strong passwords are used, and consider implementing multi-factor authentication. Monitor network traffic for suspicious activity, and keep the PPTP server software up to date with the latest security patches. It is crucial to understand that even with these measures, PPTP remains a high-risk protocol and should be avoided whenever possible. Consider using a modern VPN solution that offers better security features and encryption algorithms.

Security Information

PPTP is widely considered insecure due to several inherent vulnerabilities. The authentication protocols used by PPTP, such as PAP and CHAP, are weak and susceptible to brute-force attacks and eavesdropping. MS-CHAP v1 is notoriously vulnerable to offline cracking, allowing attackers to recover user credentials. MS-CHAP v2 is also vulnerable to man-in-the-middle attacks. Furthermore, the encryption used by PPTP, typically MPPE (Microsoft Point-to-Point Encryption), has known weaknesses and can be broken using readily available tools. The combination of weak authentication and encryption makes PPTP a prime target for attackers seeking to intercept or decrypt sensitive data. Due to these vulnerabilities, PPTP should be avoided in environments where security is a concern. Attackers often target PPTP servers because they are easy to exploit and provide a relatively simple entry point into a network.

Known Vulnerabilities

CVE	Name	Severity	Description
CVE-1998-0025	MS-CHAP v1 Vulnerability	Critical	MS-CHAP v1 is vulnerable to offline dictionary attacks, allowing attackers to recover user passwords.
CVE-2012-2556	PPTP Protocol Vulnerability	Medium	PPTP is vulnerable to man-in-the-middle attacks when using MS-CHAP v2.
CVE-2012-3948	MPPE Weak Encryption	High	The MPPE encryption algorithm used by PPTP has known weaknesses and can be broken with sufficient computational resources.
CVE-2014-0411	Windows PPTP Vulnerability	High	A privilege escalation vulnerability exists in Windows when the PPTP driver improperly handles objects in memory.