Does FreeRADIUS include a DHCP server? We are happy to announce that FreeRADIUS 3 is now fully compliant with the base DHCP standards . Previous versions supported the base DORA exchange, but lacked some features such as handling Decline p... Network Security Protocols
RADIUS Insecurity RADIUS is almost thirty years old, and uses cryptography based on MD5. Given that MD5 has been broken for over a decade, what are the implications for RADIUS? Why is RADIUS still using MD5? RADIUS sti... Network Security Protocols
Announcing SRADIUS RADIUS has used MD5 for security for almost thirty years. It is time to use a modern alternative: SRADIUS! We just released an Internet-Draft which defines “Secure RADIUS”, or “SRADIUS”. We also have ... Network Security Protocols
Introducing RADIUS 1.1 RADIUS has a problem. The name of the problem is MD5. The MD5 hash algorithm was defined in 1991, and was used in RADIUS in 1993. However, MD5 is no longer secure. It is a bit of a miracle that RADIUS... Network Security Best Practices Network Security Protocols
Why you should separate historical data from live data ISPs and telecoms are often legally required to keep user sessiondata for long periods of time. However, keeping these records can result in enormous databases tables which significantlyaffect the per... Network Security Best Practices Network Security Protocols
Making RADIUS More Secure As we’ve previously discussed, there are several insecure elements in RADIUS. We are currently working in the IETF (Internet Engineering Task Force) to close those gaps and improve security for everyo... Network Security Protocols
How to customize an OEM instance of FreeRADIUS As the most popular RADIUS server in the world, FreeRADIUS is used by many hardware vendors. They ship their products with FreeRADIUS as an embedded or “OEM” product. It is common for them to need som... Network Security Protocols
Expert Advice Beats Internet Wisdom: What Not To Do About BlastRADIUS There’s a lot of misinformation circulating about the BlastRADIUS vulnerability. For us, as RADIUS experts, it’s a depressing reminder of how little people understand about this foundational protocol ... Network Security Best Practices Network Security Protocols Security Threats and Vulnerabilities
RADIUS password compatibility This article covers password storage compatibility for RADIUS deployments. You'll findan overview of how the RADIUS protocol works here. In order for RADIUS authentication to work, user passwords need... Network Security Best Practices Network Security Protocols
How authentication protocols work Choosing an authentication protocol is one of the most important decisions when designing a RADIUS ecosystem. There are a variety of authentication protocols to choose from, each with their own set of... Network Security Protocols
PAP vs CHAP: A complete security comparison One of the most common questions about RADIUS security asks “Is PAP secure?” The usual answer is “no”, which is (in our opinion) simply wrong. A better answer is “Here’s a comparison of PAP and CHAP, ... Network Security Best Practices Network Security Protocols
Is PAP secure? A complete analysis of PAP authentication security A common misconception is that PAP is less secure than other authentication protocols such as CHAP, MS-CHAP, or EAP-MSCHAP(v2). This perception arises because of a misunderstanding of how PAP is actua... Network Security Best Practices Network Security Protocols