Hello Tim -
I sent this to you yesterday, but here it is again:
http://www.cpan.org/modules/by-module/Apache/Apache-AuthenRadius-0.3.tar.gz
The notes you quote regarding Radius are quite correct, your Radiator host(s)
should be behind a firewall in any case. If you wish to use multiple copies
of Radiator it is very easy to do simply by specifying different port numbers
with the AuthPort and AcctPort parameters in the Radiator configuration file.
hth
Hugh
On Monday 26 February 2001 20:25, Tim McCullagh wrote:
> Hi Hugh,
>
> Can you tell me which apache pam / radius module I need to install to
> authenticate customers so that they can use radacct.cgi to get their own
> usage stats only. Mike mentions a pam radius module in the radacct.cgi
>
> I found 1 email in the mail archives where the following link was given
> http://pam.sourceforge.net/mod_auth_pam/
> Can you help with some example or link that may show how to configure this
> to authenticate the user using my radius database
>
> is this the correct module or should it be this one
>
> http://www.wede.de/sw/mod_auth_radius/
>
> Also is it correct that I shouldn't use the same radius for both NAS and
> web authentication as the mod_auth perl states
>
> <quote in mod_auth_radius module>
>
> Everyone wants strong authentication over the web. For us, this means
> RADIUS.
>
> Using static passwords & RADIUS authentication over the web is a BAD
> IDEA. Everyone can sniff the passwords, as they're sent over the net
> in the clear. RADIUS web authentication is a REALLY BAD IDEA if you
> use the same RADIUS server for web and NAS (dial-up) or firewall
> users. Then ANYONE can pretend to be you, and break through your
> firewall with minimal effort.
>
> PLEASE use a different RADIUS server for web authentication and
> dial-up or firewall users! If you must use the same server, go for
> one-time passwords. They're ever so much more secure.
>
> Also, do NOT have your RADIUS server visible to the external world.
> Doing so makes all kinds of attacks possible.
> <end quote>
>
>
>
> Thanks and regards
>
> Tim
>
>
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
