Page 135 - StudyBook.pdf
Communication Security: Remote Access and Messaging • Chapter 3 119
Figure 3.4 RADIUS Authentication Process
[Figure. Participants: Client, RADIUS Client (Remote Access Server), RADIUS Server. Steps shown: client requests authorization; remote server queries central repository; RADIUS server responds with either an allow or deny; remote server's response.]
NOTE
See Chapter 9 for a discussion of shared secrets and other cryptography
terms and concepts.
Vulnerabilities
Certain “flavors” of RADIUS servers and Web servers can be compromised by
buffer-overflow attacks. A buffer-overflow attack occurs when a buffer is flooded with
more information than it can hold. The extra data overflows into other buffers,
which may be accessible to hackers.
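The following is an added example, not code from the book or from any RADIUS product: a bounds-checked copy of a User-Name attribute out of a RADIUS packet into a fixed-size buffer, showing the length checks whose absence produces the overflow described above. The packet layout follows RFC 2865; the function name `radius_get_username`, the buffer sizes and the sample packet are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RADIUS_HDR_LEN 20  /* code(1) id(1) length(2) authenticator(16) */
#define ATTR_USER_NAME 1   /* RFC 2865 attribute type 1 */

/* Hypothetical helper: copy the first User-Name value into out as a C string.
 * Returns its length, or -1 if the packet is malformed or the value won't fit. */
int radius_get_username(const uint8_t *pkt, size_t pkt_len,
                        char *out, size_t out_size)
{
    if (!pkt || !out || out_size == 0 || pkt_len < RADIUS_HDR_LEN)
        return -1;
    /* The length field is sender-controlled: bound it by bytes received. */
    size_t declared = ((size_t)pkt[2] << 8) | pkt[3];
    if (declared < RADIUS_HDR_LEN || declared > pkt_len)
        return -1;
    size_t off = RADIUS_HDR_LEN;
    while (off + 2 <= declared) {
        uint8_t type = pkt[off];
        size_t alen = pkt[off + 1];          /* counts type and length bytes */
        if (alen < 2 || off + alen > declared)
            return -1;                       /* attribute overruns the packet */
        if (type == ATTR_USER_NAME) {
            size_t vlen = alen - 2;
            /* Without this check, memcpy would write a sender-chosen number
             * of bytes into a fixed-size buffer: the overflow described above. */
            if (vlen >= out_size)
                return -1;
            memcpy(out, pkt + off + 2, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        off += alen;
    }
    return -1;                               /* no User-Name attribute */
}

int main(void)
{
    /* Constructed Access-Request: header, then User-Name = "alice". */
    uint8_t pkt[27] = {1, 7, 0, 27};
    const uint8_t attr[] = {ATTR_USER_NAME, 7, 'a', 'l', 'i', 'c', 'e'};
    memcpy(pkt + RADIUS_HDR_LEN, attr, sizeof attr);
    char name[16];
    int n = radius_get_username(pkt, sizeof pkt, name, sizeof name);
    printf("%d %s\n", n, n >= 0 ? name : "(rejected)");
    return 0;
}
```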
Head of the Class…
Sometimes You Just Get Lucky…
Once we lock a door, curiosity leads someone to try and see what is
behind it. This is the “cat-and-mouse game” that is network security.
Many vulnerabilities found in network security are discovered by hackers
trying to access systems they are not authorized to use. Sometimes,
“white-hat” hackers—security consultants hired to test system
vulnerabilities—discover vulnerabilities in their testing. Unlike “black-hat”
hackers, whose intentions are malicious, and “gray-hat” hackers (whose
intentions are not malicious), white-hat hackers generally work with
companies to fix issues before they become public knowledge. In 2001,
RADIUS buffer-overflow attacks were discovered by Internet Security
Systems while testing the vulnerabilities of the wireless networks.
www.syngress.com