What a pleasant surprise it was to stumble across this today!

The SANS institute is the leading Information Security body in the world, Funded/created by a cooperative effort of the FBI and NSA (National Security Agency) as well as other sources and working with other security/intelligence/law-enforcement agencies and companies around the world.

They develop and set standards worldwide for information security, helping governments, financial institutions, etc. improve security and security awareness.

The FAQ they adapted from my document is here (with full credit given!):
http://www.sans.org/resources/malwarefaq/pptp-vpn.php

I was certified by the SANS institute's GIAC (Global Information Assurance Certification) program a little over 2 years ago. Part of this (most difficult of all my certs) program is a complete thesis/dissertation/practical applying what's been learned and delivering a detailed (and has to be unique) document, proving comprehensive understanding and usage of the skills developed for "real world" use.
They normally keep a copy in their giac.org section of their site listing all their certified people ( http://www.giac.org/GCIH_400.php you'll see me listed there ). However, to be in the SANS Institutes main malware faqs is unusual, and a high honor. ;)

I chose to do mine on the Microsoft PPTP VPN implementation (VPN = Virtual Private Networks), commonly used worldwide. VPNs allow people and businesses to connection to remote locations "security" using encryption tunneling to make a normally public connection (such as the Internet) private. I noticed there were lots of "bits and pieces" of information scattered around about PPTP and vulnerabilities, etc. but no single comprehensive document or resource, so I decided to try to create that document, and it looks like it worked! ;-) I spent 6 months building my own lab with around 20 systems and months of online research, to put the comprehensive document together.

I just found out that they published my document as their Malware (Malicious Software) FAQs (Frequently Asked Questions) section as the definitive response to anyone needing to learn about Microsoft's PPTP (Point To Point Tunnelling Protocol) VPNs (Virtual Private Networks), the most commonly used VPN in the world (thankfully being slowly phased out by IPSec and other standards, as even MS is abandoning their poor PPTP implementation) !

http://www.sans.org/resources/malwarefaq/index.php

The FAQ they adapted from my document is here (with full credit given!):
http://www.sans.org/resources/malwarefaq/pptp-vpn.php

The original document I submitted is here:
http://www.giac.org/practical/Hawke_Robinson_GCIH.zipbr />