Results 1 to 7 of 7

Thread: What is your opinion of RADIUS?

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    22

    Default What is your opinion of RADIUS?

    From what I have learned here and what I have read online, RADIUS is the best wireless security option. I downloaded "WinRadius". I am going to look at it a bit closer tonight when I get up. What is your opinion? Do you think this is a good idea?

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Yes setting up RADIUS for authentication of wireless clients is a good idea.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    A little bit of lite reading.

    I believe there was also something present at Shmoocon regarding the bypassing of RADIUS authentication, but I missed that talk.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Don't let reading of vulnerabilities discourage you. There is no such thing as a system which is 100% secure or vulnerability free. IMHO WPA & Radius are still the best solution especially for enterprise deployments where data/network security is important. (If anyone disagrees I'm open to a healthy debate, I'll admit I'm behind on my wireless reading etc so there might be something better).
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    As far as I'm concerned wpa + radius is the best I was just linking to the vulnerability streaker mentioned that Josh Wright presented at shmoo con. At my school they have that plus under the airodump heading where it normally says pre shared key they have something called mgt which I'm not sure but I believe that takes the psk out of the equation which makes it more secure. I'm not to sure how thats done so if someone knows I'd love to hear about it.

  7. #7
    Senior Member PrairieFire's Avatar
    Join Date
    Apr 2007
    Posts
    705

    Default

    Heres the PDF of the presentation which goes into more detail.
    Have tested the tools he uses through out the slides on my WPA-TKIP PEAP MSCHAP-V2 setup and it was vulnerable.
    Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •