Highest Voted 'radius' Questions - IT Security Stack Exchange

34

votes

4 answers

What is the difference between a RADIUS server and Active Directory?

Why would I need a RADIUS server if my clients can connect and authenticate with Active Directory? When do I need a RADIUS server?

active-directory radius

asked Jul 14 '16 at 17:52

johnny

641
1
7
13

15

votes

3 answers

My school wifi asks to 'trust' a certificate on iPhones. Does this allow them to view SSL traffic?

There is a lot of confusion around this on here, so I am making this post to be sure to understand it correctly. My school uses Aruba networks wifi, and after I type my Active Directory username and password (RADIUS authentication), it tells me I…

tls wifi man-in-the-middle tls-intercept radius

asked Feb 01 '18 at 17:01

BusinessGuy

153
1
1
4

13

votes

1 answer

MPPE-Send and Receive key derivation from MS-CHAPv2

I am trying to get the MS-MPPE-Send-key and MS-MPPE-Recv-key from the MS-CHAPv2 challenge material. I am able to follow the RFCs 2548 3078 and 3079 to the step of getting the GetNewKeyFromSHA() it is 16 bytes long. I can use the key to encrypt data…

encryption authentication windows key-generation radius

asked May 10 '13 at 07:17

Jaime

139
5

13

votes

2 answers

WPA2 Enterprise AES encryption key size?

I have recently set up a RADIUS server with EAP for my wireless router, however, I have some questions about the key size and how WPA2 enterprise (AES) works in general. I have read that in Enterprise mode, the key used to encrypt the traffic…

encryption aes radius wpa2

asked Dec 10 '12 at 05:56

Dan

12

votes

3 answers

Encrypt WiFi connection per connected user

One of the questions that comes on quite often is about WiFi encryption. Now imagine that you have multiple users connecting to one AP. With a simple WPA2 protection setup they can still sniff each others traffic. What technology would allow a…

encryption wifi wpa2 radius

asked Aug 27 '12 at 07:45

Lucas Kauffman

54,169
17
112
196

9

votes

3 answers

Protection of eduroam credentials

Recently my educational institution officially switched over from the their own wireless network to eduroam. If I understand correctly from the FAQ, credential authentication is performed on the servers at my educational institution no matter where…

authentication wifi credentials radius peap

asked Aug 30 '15 at 16:36

rink.attendant.6

2,227
4
22
33

9

votes

2 answers

What's the difference between Radius and Kerberos?

Is Radius just a better version of Kerberos? I can't find anything about this. If you set up a Radius server in a modern network do you need Kerberos at all?

kerberos radius

asked May 24 '16 at 17:02

User104163

409
2
6
11

8

votes

3 answers

Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios?

Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios? I understand that RADIUS uses the MD5 hashing algorithm and I'm pretty sure TACACS+ does too, and I do not believe there is any implementation of either RADIUS or TACACS+ that…

cisco fips radius

asked Oct 24 '13 at 16:40

Ryan Ries

949
1
10
14

7

votes

3 answers

Can someone explain in simple steps how WPA2-Enterprise authentication and encryption happens?

When I try asking this question on other websites I get massive downvotes and am told "We're not doing your homework. Use google." Also I sometimes get banned. Anyways, I've searched tens of pages of google and still can't get a grasp on it. There's…

wpa2 wpa2-psk radius

asked Sep 13 '17 at 11:10

Newlo Newly

145
1
1
6

7

votes

2 answers

WPA2 Enterprise EAP-TLS Key Exchange

I'm in the process of implementing 802.1x WPA2 Enterprise Authentication using FreeRadius and EAP-TLS (Mutual TLS Cert Based Auth). I am keen to understand how to actual protocols work together and how they keep our WiFi network safe. I understand…

tls openssl x.509 radius wpa2-eap

asked Feb 21 '17 at 16:48

user140024

71
1
2

6

votes

2 answers

WiFi security using IEEE 802.1X - how secure is it?

My company's set-up involves a single AP (TPlink) that is configured to authenticate clients using RADIUS. All works well, but: on a regular WPA/WPA2 network, once you have the PSK, you are able to decode all the traffic other users generate. On an…

wifi wpa2 radius

asked May 07 '15 at 10:13

Konrad Gajewski

593
5
16

5

votes

3 answers

WiFi Hacking - Certificate based authentication instead of password

I would like to know if using a certificate based authentication instead of a WPA2 password in a WiFi network would be secure or insecure in terms of is it breakable or not? Since WPA2 can be dictionary guessed or brute forced. How does it look like…

certificates wifi wpa2 radius

asked May 31 '17 at 13:40

Honeypot2k

51
1
2

5

votes

2 answers

If PAP is insecure why is it commonly the only authentication protocol available for Radius?

In configuring Radius authentication on multiple devices from a vendor, I discovered that PAP is the only supported protocol. I was initially surprised but discovered that even an f5 BigIP only offers PAP too. Even further, several other vendors…

authentication radius

asked Nov 22 '16 at 21:13

gb5757870

195
1
1
11

4

votes

4 answers

How to decode traffic on a LAN whose SSL certificates are expired

We have a campus Wi-Fi at my university and we authenticate through a log in page which to me seems like we are using a RADIUS server. Every time the page loads my browser warns me that the certificate(s) being used are expired/not valid. Is there…

tls radius

asked Nov 02 '14 at 21:16

Manny265

165
5

4

votes

2 answers

Certificate validation with 802.1x PEAP

I recently learned about how WPA-PSK works. If I understand correctly, the 4-way handshake enables the protocol to ensure mutual possession of the PMK (and therefor, the PSK) without sending the PMK/PSK over. This way it's not susceptible to a…

authentication wifi wpa2 radius peap

asked Aug 11 '14 at 14:50

Compizfox

151
1
6

Questions tagged [radius]