Radius by Jonathan Hassell
Publisher: O'Reilly Media; 1 edition (October 30, 2002) | ISBN-10: 0596003226 | CHM | 0,6 Mb | 206 pages

There's far more to information security than usernames and passwords; it's not just a matter of letting legitimate users "in"

and keeping bad guys "out." Users who have authority to use certain parts of a system may not be authorized to see everything,

and businesses, for billing purposes, often want to track how long users spend in a system. The Remote Access Dial-In User

Service (RADIUS) solves all of these engineering challenges, but you have to implement it correctly in order to achieve

maximum benefit and keep your systems safe. RADIUS provides an architectural and technical guide to RADIUS implementation,

enabling its readers to design RADIUS-secured systems properly and choose products wisely.
Jonathan Hassell's approach is to lay down a foundation of RADIUS protocol theory, then explain how to implement the protocol

with a particular product (FreeRADIUS for Linux). He approaches both elements of his book with precision and detail, and

provides plenty of tabular information for reference. He's also liberal with examples, which is a welcome trait if you're in a hurry

to know how to format a radiusd.conf file or how to configure Cisco IOS to do RADIUS authentication. This is a comprehensive

treatment of a complicated subject. --David Wall
Topics covered: How the RADIUS protocol provides authentication, authorization, and accounting (AAA services), and how it fits

with other elements of network design. The author covers the protocol in theory before digging into its implementation in

FreeRADIUS for Linux and the integration of that package with several important networking products.

Book Description
The subject of security never strays far from the minds of IT workers, for good reason. If there is a network with even just one

connection to another network, it needs to be secured. RADIUS, or Remote Authentication Dial-In User Service, is a widely

deployed protocol that enables companies to authenticate, authorize and account for remote users who want access to a

system or service from a central network server. Originally developed for dial-up remote access, RADIUS is now used by virtual

private network (VPN) servers, wireless access points, authenticating Ethernet switches, Digital Subscriber Line (DSL) access,

and other network access types. Extensible, easy to implement, supported, and actively developed, RADIUS is currently the de

facto standard for remote authentication. RADIUS provides a complete, detailed guide to the underpinnings of the RADIUS

protocol, with particular emphasis on the utility of user accounting. Author Jonathan Hassell draws from his extensive

experience in Internet service provider operations to bring practical suggestions and advice for implementing RADIUS. He also

provides instructions for using an open-source variation called FreeRADIUS. "RADIUS is an extensible protocol that enjoys the

support of a wide range of vendors," says Jonathan Hassell. "Coupled with the amazing efforts of the open source development

community to extend RADIUS's capabilities to other applications-Web, calling card security, physical device security, such as

RSA's SecureID-RADIUS is possibly the best protocol with which to ensure only the people that need access to a resource

indeed gain that access." This unique book covers RADIUS completely, from the history and theory of the architecture around

which it was designed, to how the protocol and its ancillaries function on a day-to-day basis, to implementing RADIUS-based

security in a variety of corporate and service provider environments. If you are an ISP owner or administrator, corporate IT

professional responsible for maintaining mobile user connectivity, or a web presence provider responsible for providing multiple

communications resources, you'll want this book to help you master this widely implemented but little understood protocol