[23134] in bugtraq
Re: More problems with RADIUS (protocol and implementations)
daemon@ATHENA.MIT.EDU (Joshua Hill)
Tue Nov 13 19:41:51 2001
Date: Tue, 13 Nov 2001 12:54:38 -0800
From: Joshua Hill <josh@untruth.org>
To: aland@striker.ottawa.on.ca
Cc: bugtraq@securityfocus.com, 3APA3A <3APA3A@SECURITY.NNOV.RU>,
Joshua Hill <josh-radius@untruth.org>
Message-ID: <20011113125438.A19275@delusion.private.untruth.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E163hAK-0006pC-00@giles.striker.ottawa.on.ca>; from aland@striker.ottawa.on.ca on Tue, Nov 13, 2001 at 12:16:02PM -0500
On Tue, Nov 13, 2001 at 12:16:02PM -0500, aland@striker.ottawa.on.ca wrote:
> Some points in that message were also covered by Joshua, he added a
> number of good points, and missed a few others. Specifically, rfc2869
> defines the Message-Authenticator attribute, which is used to sign
> packets. This signature allows Access-Request packets to be verified,
> negating the security problems of spoofed packets.
Unless the attacker simply removes the Message-Authenticator from
the packets before replaying them...
Leaving out any reference to rfc2869 was an oversight on my part. I
recently updated the online version of my analysis with pertinent
information regarding the Message-Authenticator. Take a look at the
last two paragraphs of section 4.2 at:
http://www.untruth.org/~josh/security/radius/radius-auth.html
Thanks for your comments,
Josh
