How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>


RFC 2637 http://tools.ietf.org/html/rfc2637

PPTP (Point to Point Tunneling Protocol) allows PPP to be channeled through an IP network. It uses a client-server architecture to decouple functions which exist in current Network Access Servers and support Virtual Private Networks. It specifies a call-control and management protocol which allows the server to control access for dial-in circuit switched calls originating from a PSTN or ISDN, or to initiate outbound circuit switched connections. PPTP uses a GRE-like (Generic Routing Encapsulation) mechanism to provide a flow- and congestion-controlled encapsulated datagram service for carrying PPP packets.
The format of the header is shown in the following illustration:

16
32 bits
Length
PPTP message type
Magic cookie
Control message type
Reserved 0
PPTP header structure

Length
Total length in octets of this PPTP message including the entire PPTP header.

PPTP message type
The message type. Possible values are:
1   Control message.
2   Management message.

Magic cookie

The magic cookie is always sent as the constant 0x1A2B3C4D. Its basic purpose is to allow the receiver to ensure that it is properly synchronized with the TCP data stream.

Control Message Type
Values may be:
1   Start-Control-Connection-Request.
2   Start-Control-Connection-Reply.
3   Stop-Control-Connection-Request.
4   Stop-Control-Connection-Reply.
5   Echo-Request.
6   Echo-Reply.

Call Management
7   Outgoing-Call-Request.
8   Outgoing-Call-Reply.
9   Incoming-Call-Request.
10   Incoming-Call-Reply.
11   Incoming-Call-Connected.
12   Call-Clear-Request.
13   Call-Disconnect-Notify.

Error Reporting
14   WAN-Error-Notify.

PPP Session Control

15   Set-Link-Info.

Reserved
A reserved field, must be set to 0

Vulnerabilities for this protocol (from CVE)

CVE ID Protocol Source Port Targetport

TCP/IP Protocols:

AHARP/RARPATMPBGP-4COPSDCAPDHCPDNS
DVMRPEGPEIGRPESPFANPFingerFTPHSRP
HTTPICMPICMPv6IGMPIGRPIMAP4IPIPDC
IPv6ISAKMPL2FL2TPLDAPMARSMobile IPNARP
NetBIOS/IPNHRPNTPOSPFPIMPOP3PPTPRadius
RIP2RIPng for IPv6RLOGINRSVPRTSPRUDPS-HTTPSCTP
SLPSMTPSNMPSOCKS V5TACACSTALITCPTELNET
TFTPUDPVan JacobsonVRRPWCCPX-WindowXOT