…and around it goes

February 9, 2010

PPTP vs OpenVPN

Filed under: Cotse Related — steve @ 12:11 am

This is covered completely on our VPN pages, but I want to stress clearly that PPTP should only be used as a last resort. Even then, it should be used in conjunction with SSH tunneling as additional protection.

PPTP has major flaws. Its encryption uses the password as the key, and its datastream carries a retrievable password hash. To make that perfectly clear, someone can take your password out of the datastream and decrypt your traffic.

Granted, there is more to it than that. They must somehow intercept your traffic, but while complicated, it is not impossible (we have seen and stopped attempts at ARP poisoning attacks). They also must be able to crack the encrypted password hash.

There are tools to crack this. However, a very complex password will take eons to brute force. A common word, even if you replace vowels with numbers (this is too common, people), may be cracked in minutes.
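The difference between those two cases can be checked when a password is chosen. The following is an added example, not part of the original post: it rejects passwords that reduce to a dictionary word once common character swaps are undone, and estimates the brute-force search space for the rest. The wordlist, the substitution table and the 80-bit threshold are constructed assumptions.

```python
import math

# Constructed sample wordlist; a real check would load a large dictionary file.
WORDLIST = {"password", "secret", "dragon", "monkey", "letmein", "welcome"}

# Common digit/symbol-for-letter swaps, reversed (assumed set, not exhaustive).
DELEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                        "7": "t", "@": "a", "$": "s", "!": "i"})
TRAILING = "0123456789!?.*#"  # decoration often appended to a word


def is_dictionary_variant(pw):
    """True if the password is a listed word after undoing common swaps."""
    lowered = pw.lower()
    candidates = {
        lowered.translate(DELEET),                   # swaps undone, nothing stripped
        lowered.rstrip(TRAILING).translate(DELEET),  # trailing decoration removed first
    }
    return bool(candidates & WORDLIST)


def brute_force_bits(pw):
    """Search-space size in bits, valid only if the characters are random."""
    size = 0
    if any(c.islower() for c in pw):
        size += 26
    if any(c.isupper() for c in pw):
        size += 26
    if any(c.isdigit() for c in pw):
        size += 10
    if any(not c.isalnum() for c in pw):
        size += 33  # printable ASCII punctuation and space
    return len(pw) * math.log2(size) if size else 0.0


def vet(pw, min_bits=80):
    """Return a verdict string; min_bits is an assumed policy threshold."""
    if is_dictionary_variant(pw):
        return "reject: dictionary word with common substitutions"
    if brute_force_bits(pw) < min_bits:
        return "reject: search space too small"
    return "ok"


if __name__ == "__main__":
    for sample in ("P@ssw0rd!", "dr4g0n", "kT9#vq2L", "q7#Vz!m2Rk@x9Lp$"):
        print(f"{sample!r}: {vet(sample)}")
```

The bit estimate overstates the strength of anything a person chose rather than generated, which is why the dictionary check runs first.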

OpenVPN is subject to none of these weaknesses. It uses very strong certificate-based encryption (Blowfish). Even if someone does intercept your traffic, they can gain nothing from it. Use OpenVPN over PPTP.
