Juan Perez wrote:
> Let's suppose that I have two servers running the latest and
> shiniest version of FreeRadius and for some reason there is a bug in
> FreeRadius that causes the server to crash when a specially crafted
> RADIUS packet is received.

Hmm... that's hard to do:

http://freeradius.org/security.html

Notice anything about 2.x on that page?

> Let's suppose that there is also an attacker
> (a disgruntled employee maybe?), who knows about this bug and decides to
> attack my FreeRadius servers, so he starts sending these
> specially crafted packets to each server and since the two servers have
> the same bug, both of them would die upon receiving these packets.

Even if that did happen, you would probably notice.

> If I have two servers from different vendors, I could thus hopefully
> guarantee that at least the horrible server would continue working while
> an attack targeted at FreeRadius is going on. The horrible server
> doesn't need to be necessarily a Cisco ACS, any other horrible server
> would do it (Microsoft IAS, Steel-Belted, etc).
>
> So, does it make sense now or is the idea too stupid to be even considered?

Or, you could believe that maintaining the same configuration in two completely independent products is a huge PITA, and not worth the effort of "maybe" avoiding an attack.

The FreeRADIUS source code is regularly scanned with Coverity, LLVM, and a few others. Nothing has come up in the last 3 years, for 2.x.

Alan DeKok.

