Hello all,
On Thu, 5 Dec 2002 06:27, Jon Baer wrote: > Well ... Ive actually just finished reading the OReilly Radius book and > was looking to evaluate some for a small personal/hobby project, and > just trying to understand EAP altogether. Someone before on this list > mentioned the need for AAA on all devices/platforms including laptops, > PDAs, phones ... Im assuming this is the method to accomplish it. What > is the most common and popular flavor @ the moment? The most common type of wireless authentication we see is still MAC address based, with static WEP keys. However, I think most people in the wireless community now view the security level offered by that combination as being quite weak. Many low-end wireless AP's still only provide MAC address authentication (either internally or to a Radius AAA server), but there are more and more APs coming that support 802.1x EAP authentication to a Radius server. And there is now a wide range of wireless clients for different platforms that support one or more 802.1x EAP authentication protocols. Probably EAP-TTLS-* and EAP-PEAP are set to become the most popular. EAP-TLS has been available longer (on Windows and Linux), but it requires a PKI certificate to be installed on each wireless client, which is tedious. TTLS and PEAP only require a single certificate for the Radius server. These 802.1x EAP authentication protocols all provide much stronger authentication security, plus dynamic WEP keys. (ie a different WEP key for each client, and for each connection) I think if you are seriously concerned with wireless security, you should be looking at EAP authentication and dynamic WEP. Radiator supports all the ones mentioned above and more, as well as MAC. Hope that helps. Cheers. > > - Jon > > Mike McCauley wrote: > >Hi Jon, > > > >Im happy to help anyone get off the ground with Radiator+wireless+mysql. > > > >What flavour(s) of wireless authentication are you interested in? You > > should be able to do -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. -- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/
