Disaster-proof your network critical infrastructure If you live in an earthquake zone, it’s important to engineer buildings to survive an earthquake. You don’t know when an earthquake will happen, or where exactly, or how big it’s going to be, but you ... Network Security Best Practices
RADIUS design for internet service providers (ISPs) More than almost any other business, internet service providers (ISPs) need to provide their customers with fast, reliable internet connection to their computer network. Any downtime can be catastroph... Network Security Best Practices
Network design for multi-site RADIUS systems Some organizations and network operators such as ISPs can use a central RADIUS service for all of their RADIUS needs. This configuration is possible when there are a small number of users, or system l... Network Security Best Practices
Introducing RADIUS 1.1 RADIUS has a problem. The name of the problem is MD5. The MD5 hash algorithm was defined in 1991, and was used in RADIUS in 1993. However, MD5 is no longer secure. It is a bit of a miracle that RADIUS... Network Security Best Practices Network Security Protocols
Authorized users only: Why use RADIUS and 802.1x to control network access? RADIUS can be an alternative to implementing 802.1x for network access control in complex enterprise environments. Controlling which users and what devices are on your network has become significantly... Network Security Best Practices
Exposed: National Public Data breach makes a nation’s secrets public The hacking of 270 million social security numbers from National Public Data reinforces the best practice for personal data: always encrypt PII. The cat is out of the bag for National Public Data. In ... Network Security Best Practices
Expert Advice Beats Internet Wisdom: What Not To Do About BlastRADIUS There’s a lot of misinformation circulating about the BlastRADIUS vulnerability. For us, as RADIUS experts, it’s a depressing reminder of how little people understand about this foundational protocol ... Network Security Best Practices Network Security Protocols Security Threats and Vulnerabilities
PAP vs CHAP. Is PAP less secure? One of the most common questions about RADIUS security asks “Is PAP secure?” The usual answer is “no”, which is (in our opinion) seriously misleading. A better answer is “Here’s a comparison of PAP an... Network Security Best Practices Network Security Protocols
Is PAP secure? A common misconception is that PAP is less secure than other authentication protocols such as CHAP, MS-CHAP, or EAP-MSCHAP(v2). This perception arises because of a misunderstanding of how PAP is actua... Network Security Best Practices Network Security Protocols
MS-CHAP is dead While MS-CHAP has been used since 1998, it uses DES encryption which was deprecated in 2002. Attacks on MS-CHAP itself have been known since 2006, and those attacks have only gotten better over time. ... Network Security Best Practices Network Security Protocols