public

  • Download Gist
Relevant logs from the Windows diagnostics
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
[7320] 11-17 23:49:14:123: RasGetConnectStatus: read phonenumber </endpoint-address> from port user data
[9988] 11-17 23:49:14:127: NotifyCaller done (dwNotifyResult=1)
[9988] 11-17 23:49:14:128: GetLogonUser=Santi
[9988] 11-17 23:49:14:128: GetLogonDomain=DELTA
[9988] 11-17 23:49:14:129: RASCS_ConnectDevice
[9988] 11-17 23:49:14:129: RasDeviceSetInfo done(0)
[9988] 11-17 23:49:14:129: SetDeviceParamBinary for RDT_Tunnel_Sstp
[9988] 11-17 23:49:14:130: GUID is 625d2c97-313d-48b2
[9988] 11-17 23:49:14:159: GetSstpDestinationInfo completes with 0: Proxy Query Status: 0 DestInfoSize: 120
[9988] 11-17 23:49:14:159: GetSstpDestinationInfo completes with CorrelationID length 16.GUID is 625d2c97-313d-48b2
[9988] 11-17 23:49:14:160: RasDeviceSetInfo(Binary) done(0)
[9988] 11-17 23:49:14:160: SetDeviceParamBinary returned 0
[9988] 11-17 23:49:14:160: RasDeviceSetInfo(Compartment=1)...
[9988] 11-17 23:49:14:161: RasDeviceSetInfo done(0)
[9988] 11-17 23:49:14:161: SetDeviceParams(rastapi, WAN Miniport (SSTP), 0)
[9988] 11-17 23:49:14:161: RasDeviceConnect(rastapi,WAN Miniport (SSTP))...
[9988] 11-17 23:49:14:166: RasDeviceConnect done(600)
[9988] 11-17 23:49:14:166: RasDialMachine errors=600,0
[9988] 11-17 23:49:14:166: WaitForDialMachineEvent
[9988] 11-17 23:49:14:166: WaitForDialMachineEvent: event from rasman
[9988] 11-17 23:49:14:166: WaitForDialMachineEvent: a context received
[9988] 11-17 23:49:14:166: ValidateDmContext:
[9988] 11-17 23:49:14:166: ValidateDmContext: hrasconn block contains a different context pointer or type
[9988] 11-17 23:49:14:166: ValidateDmContext: hrasconn block verification passed
[9988] 11-17 23:49:14:166: WaitForDialMachineEvent: pOverlapped=0x4f8d1a4, type=1
[9988] 11-17 23:49:14:166: AppendNewContextToQueue:
[9988] 11-17 23:49:14:166: AppendNewContextToQueue:Set Event:
[9988] 11-17 23:49:14:166: WaitForDialMachineEvent: event from dial machine
[9988] 11-17 23:49:14:166: GetOneContextFromQueue
[9988] 11-17 23:49:14:166: GetOneContextFromQueue: The context is:0x04F8D1A4,type=1
[9988] 11-17 23:49:14:167: GetOneContextFromQueue: Number of Messages left in the queue is:0
[9988] 11-17 23:49:14:167: ValidateDmContext:
[9988] 11-17 23:49:14:167: ValidateDmContext: hrasconn block contains a different context pointer or type
[9988] 11-17 23:49:14:167: ValidateDmContext: hrasconn block verification passed
[9988] 11-17 23:49:14:167: WaitForDialMachineEvent: pOverlapped=0x4f8d1a4, type=1
[9988] 11-17 23:49:14:167: WaitForDialMachineEvent: Unblock i=0, h=0x4f8d16c
[9988] 11-17 23:49:14:167: Link dropped!
chap-secrets
1 2 3 4
# Secrets for authentication using CHAP
# client server secret IP addresses
 
delta pptpd notyourluckydaytoday *
iptables -L
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
 
Chain FORWARD (policy ACCEPT)
target prot opt source destination
 
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
 
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
pptpd-options
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
###############################################################################
# $Id: pptpd-options 4643 2006-11-06 18:42:43Z rene $
#
# Sample Poptop PPP options file /etc/ppp/pptpd-options
# Options used by PPP when a connection arrives from a client.
# This file is pointed to by /etc/pptpd.conf option keyword.
# Changes are effective on the next connection. See "man pppd".
#
# You are expected to change this file to suit your system. As
# packaged, it requires PPP 2.4.2 and the kernel MPPE module.
###############################################################################
 
 
# Authentication
 
# Name of the local system for authentication purposes
# (must match the second field in /etc/ppp/chap-secrets entries)
name pptpd
 
# Optional: domain name to use for authentication
# domain mydomain.net
 
# Strip the domain prefix from the username before authentication.
# (applies if you use pppd with chapms-strip-domain patch)
#chapms-strip-domain
 
 
# Encryption
# Debian: on systems with a kernel built with the package
 
# kernel-patch-mppe >= 2.4.2 and using ppp >= 2.4.2, ...
# {{{
refuse-pap
refuse-chap
refuse-mschap
# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
# Challenge Handshake Authentication Protocol, Version 2] authentication.
require-mschap-v2
# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
require-mppe-128
# }}}
 
 
 
 
# Network and Routing
 
# If pppd is acting as a server for Microsoft Windows clients, this
# option allows pppd to supply one or two DNS (Domain Name Server)
# addresses to the clients. The first instance of this option
# specifies the primary DNS address; the second instance (if given)
# specifies the secondary DNS address.
# Attention! This information may not be taken into account by a Windows
# client. See KB311218 in Microsoft's knowledge base for more information.
#ms-dns 10.0.0.1
#ms-dns 10.0.0.2
 
 
# If pppd is acting as a server for Microsoft Windows or "Samba"
# clients, this option allows pppd to supply one or two WINS (Windows
# Internet Name Services) server addresses to the clients. The first
# instance of this option specifies the primary WINS address; the
# second instance (if given) specifies the secondary WINS address.
#ms-wins 10.0.0.3
#ms-wins 10.0.0.4
 
# Add an entry to this system's ARP [Address Resolution Protocol]
# table with the IP address of the peer and the Ethernet address of this
# system. This will have the effect of making the peer appear to other
# systems to be on the local ethernet.
# (you do not need this if your PPTP server is responsible for routing
# packets to the clients -- James Cameron)
proxyarp
 
# Debian: do not replace the default route
nodefaultroute
 
 
# Logging
 
# Enable connection debugging facilities.
# (see your syslog configuration for where pppd sends to)
debug
#I can't see the above giving any effect however --bp
 
# Print out all the option values which have been set.
# (often requested by mailing list to verify options)
#dump
 
 
# Miscellaneous
 
# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
# access.
lock
 
# Disable BSD-Compress compression
nobsdcomp
pptpd.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
###############################################################################
# $Id: pptpd.conf 4255 2004-10-03 18:44:00Z rene $
#
# Sample Poptop configuration file /etc/pptpd.conf
#
# Changes are effective when pptpd is restarted.
###############################################################################
 
# TAG: ppp
# Path to the pppd program, default '/usr/sbin/pppd' on Linux
#
#ppp /usr/sbin/pppd
 
# TAG: option
# Specifies the location of the PPP options file.
# By default PPP looks in '/etc/ppp/options'
#
option /etc/ppp/pptpd-options
 
# TAG: debug
# Turns on (more) debugging to syslog
#
#debug
 
# TAG: stimeout
# Specifies timeout (in seconds) on starting ctrl connection
#
# stimeout 10
 
# TAG: noipparam
# Suppress the passing of the client's IP address to PPP, which is
# done by default otherwise.
#
#noipparam
 
# TAG: logwtmp
# Use wtmp(5) to record client connections and disconnections.
#
logwtmp
 
# TAG: bcrelay <if>
# Turns on broadcast relay to clients from interface <if>
#
#bcrelay eth1
 
# TAG: localip
# TAG: remoteip
# Specifies the local and remote IP address ranges.
#
# Any addresses work as long as the local machine takes care of the
# routing. But if you want to use MS-Windows networking, you should
# use IP addresses out of the LAN address space and use the proxyarp
# option in the pppd options file, or run bcrelay.
#
# You can specify single IP addresses seperated by commas or you can
# specify ranges, or both. For example:
 
#
# 192.168.0.234,192.168.0.245-249,192.168.0.254
#
# IMPORTANT RESTRICTIONS:
#
# 1. No spaces are permitted between commas or within addresses.
#
# 2. If you give more IP addresses than MAX_CONNECTIONS, it will
# start at the beginning of the list and go until it gets
# MAX_CONNECTIONS IPs. Others will be ignored.
#
# 3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238,
# you must type 234-238 if you mean this.
#
# 4. If you give a single localIP, that's ok - all local IPs will
# be set to the given one. You MUST still give at least one remote
# IP for each simultaneous client.
#
# (Recommended)
localip 192.168.0.202
remoteip 192.168.0.100-199
rc.local
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
 
#PPTP IP FORWARDING
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
 
#SSH BRUTE FORCE PROTECTION
#iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
#iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
 
exit 0
/etc/rc.local
sysctl.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
 
#kernel.domainname = example.com
 
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
 
##############################################################3
# Functions previously found in netbase
#
 
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
 
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
 
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
 
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
#net.ipv6.conf.all.forwarding=1
 
 
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.