[Dshield] Wireless broadcasts
cef at optus.net
Wed Jun 29 03:57:37 GMT 2005
On Wednesday 29 June 2005 02:48, Daniel Cherton wrote:
> Which is why I'm switching to 802.1x and PEAP .
> Anybody knows a free RADIUS server for Windows, else I'll go with Linux.
As mentioned IAS does that job. Are you sure you want to use PEAP though?
There are 2 implementations of PEAP - one from Cisco, one from MS and they
vary just enough to cause issues. You should also note that any user ID stuff
(not the password, just the username/ID) is sent in the clear with PEAP.
Personally, I'd recommend TTLS if you're really interested in security. TTLS
also uses much less traffic to actually authenticate with the server compared
to PEAP. A real boon if you migrate between AP's (as you need to
re-authenticate), and reduces the load on the Radius server. It also allows
the client to actually authenticate that it's talking to the right server,
rather than just assuming that whatever server it's talking to is the correct
Stuart Young - aka Cefiar - cef at optus.net
More information about the list