MS-CHAP is dead MS-CHAP has been in use since 1998. It was Microsoft's answer to the challenge of authenticating users over networks, built into every version of Windows and deeply embedded in VPN and Wi-Fi infrastru... Network Security Best Practices Network Security Protocols
Command line testing for EAP with FreeRADIUS As part of the process of configuring EAP for FreeRADIUS , you will need to test whether or not it works. If you prefer to use a command line tool rather than clicking through windows, this article wa... Network Security Best Practices
My FreeRADIUS server is slow. What's wrong? If you are encountering performance issues with FreeRADIUS, the first thought is usually to blame FreeRADIUS. In fact, it’s always the database which is the source of a system slowdown . Well, maybe n... Network Security Best Practices
FreeRADIUS hardware requirements A common question for people installing the server is “what are the hardware requirements for FreeRADIUS?” The answer is both simpler, and more complex than you would think. The performance of a RADIU... Network Security Best Practices
RADIUS for Universities University environments present challenges for RADIUS system design. Every hour, on the hour, thousands of students close their laptops, move to a different location, and open them again. This unique ... Network Security Best Practices
The problem with RADIUS in the cloud The promise of cloud-hosted infrastructure sounds tempting. Someone else manages yourdatabase, you pay only for what you need, you may have better data security, and the database can scale up with you... Network Security Best Practices
Disaster-proof your network critical infrastructure If you live in an earthquake zone, it’s important to engineer buildings to survive an earthquake. You don’t know when an earthquake will happen, or where exactly, or how big it’s going to be, but you ... Network Security Best Practices
RADIUS design for internet service providers (ISPs) More than almost any other business, internet service providers (ISPs) need to provide their customers with fast, reliable internet connection to their computer network. Any downtime can be catastroph... Network Security Best Practices
Exposed: National Public Data breach makes a nation’s secrets public The hacking of 270 million social security numbers from National Public Data reinforces the best practice for personal data: always encrypt PII. The cat is out of the bag for National Public Data. In ... Network Security Best Practices
RADIUS password compatibility This article covers password storage compatibility for RADIUS deployments. You'll findan overview of how the RADIUS protocol works here. In order for RADIUS authentication to work, user passwords need... Network Security Best Practices Network Security Protocols
PAP vs CHAP: A complete security comparison One of the most common questions about RADIUS security asks “Is PAP secure?” The usual answer is “no”, which is (in our opinion) simply wrong. A better answer is “Here’s a comparison of PAP and CHAP, ... Network Security Best Practices Network Security Protocols
Is PAP secure? A complete analysis of PAP authentication security A common misconception is that PAP is less secure than other authentication protocols such as CHAP, MS-CHAP, or EAP-MSCHAP(v2). This perception arises because of a misunderstanding of how PAP is actua... Network Security Best Practices Network Security Protocols