News: This forum is now permanently frozen.
Pages: [1]
Topic: Radius traffic over public lines  (Read 1733 times)
« on: April 08, 2008, 05:01:06 »
linuxamp
Guest

I'm familiar with Monowall but new to Radius.  I've setup a radius backed PPTP VPN for Windows users using MS-CHAP.  Currently the radius server is on the local LAN but I may need to move it on to the Internet.  A packet capture reveals some important looking information in the radius authentication traffic. 

I'm assuming this is bad to pass over the Internet.  Can anyone confirm this?  The protocol appears to be unencrypted but the actual data such as my password is not present in clear text.
« Reply #1 on: April 08, 2008, 23:13:18 »
SlickNetAaron *
Posts: 44

wikipedia may be your friend here Smiley

radius is not encrypted, but passwords are slightly protected.  It's still not very secure

http://en.wikipedia.org/wiki/Radius_server

Aaron
« Reply #2 on: April 09, 2008, 01:13:13 »
linuxamp
Guest

Thanks for the confirmation.  It's funny, your response is much like I've seen on support boards before except they'd always say "google is your friend" and google was my first place to look but to no avail.  It slipped my mind to check Wikipedia this time but I read most of the documentation on the freeradius site which is unfortunately quite poor at the time.
« Reply #3 on: April 09, 2008, 02:31:17 »
SlickNetAaron *
Posts: 44

See this thread: http://forum.m0n0.ch/index.php/topic,236.0.html

When the answer is readily available somewhere else, people think it is lazy and rude to ask a question that is already spelled out elsewhere.  That being said, we all have searched and not been able to find the answer.  This is why it's good to preface your question with "I tried searching for xxx terms on Google and couldn't find anything." 

Happy firewalling Smiley

Aaron

 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines