Re: (ASCEND) Radius authenication question

To: ascend-users@bungi.com
Subject: Re: (ASCEND) Radius authenication question
From: maxed_out_user@hotmail.com
Date: Fri, 21 Apr 2000 09:57:28 -0700
Sender: owner-ascend-users@max.bungi.com

Regardless if you want to send the RADIUS request either as a proxy
RADIUS request or a normal RADIUS request, the user's password will be
hidden in a one way MD5 hash so this will relatively be a safe thing to
do.  However, the User-Name will not be encrypted, so a potential hacker
will have one less thing to figure out if using a sniffer.  I'm not sure
if that's really big deal though.

The only other concern of mine is the reliability of the Internet.
Provided links don't go down very often, you're service will be
reliable, but if links do go down frequently, then you're deep in the
water since users will not be able to authenticate.

That's just my opinion.


Hi,

This may be a little off topic but we use radius (AAC) to authenicate
our Ascend Maxes and we would like add a remote pop that would require
us to authenicate over the internet. Are the shared secrets good enough
for passing this information or should we be looking at some type of VPN
connection to carry the authenication?

I know a lot of people out source dialup and use radius proxy
authenication... so my guess is that the shared secrets work well
enough.

Any thoughts? Pitfalls?

Randy Smith

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: (ASCEND) 7.2.4 for MAX
Next by Date: Re: (ASCEND) MAX 4002 won't link to PRI
Prev by thread: (ASCEND) Radius authenication question
Next by thread: (ASCEND) 7.2.4 for TNT
Index(es):
- Date
- Thread