Remote authentication: Different types and uses

WindowSecurity.com - Corporate networks have not only grown in size over the years, but they have also grown in complexity.
Over the years, new services have been implemented to satisfy the growing demand for easy to use programs. This driving force to meet end user satisfaction goes on relentlessly and has accounted for much of today's innovations.
One of the most desired advantages has been for some workers to have the ability to work from home. These telecommuters are one of the recent changes that have affected the workforce and much to the benefit of the worker. The ability to telecommute has greatly affected employee morale for the better. The problem is that these workers must also be able to communicate with the corporate network both remotely and securely. It is of little surprise that these concerns have been addressed in a variety of ways that all work quite well.
RADIUS is not just for Algebra
One of the solutions that was designed to accommodate the remote worker is RADIUS (Remote Authentication Dial-In User Service). The acronym is actually fairly descriptive of what it does: The worker will remotely authenticate for access to that remote network. I have previously mentioned that I like to map protocols before to the OSI Reference Model. This helps one visualize just what protocols belong where in the grand scheme of things. In the OSI model, RADIUS fits into the application layer. This protocol is also no exception to the client/server model. A client will log into the RADIUS server and supply the required credentials. Also, RADIUS uses UDP as a transport protocol to ferry about its information.
Like many well-known protocols, RADIUS has some well-known ports that it is normally configured to be listening on. They are Port 1812 and Port 1813, which is used for RADIUS accounting.
Those ports are also RFC-compliant, but what does that mean? Well, when the designers of RADIUS were sitting around talking about the design specifications for RADIUS, they decided that they would make RADIUS use ports 1812 and 1813. The various design considerations were eventually all consolidated into what is called an RFC (requests for comment) . After a period of time, that RFC was accepted and thus the ports of 1812 and 1813 were then called RFC-compliant, as they were included in the original design.
I want details!
If you want details it is always best to go to the definitive source. In our case that would be RFC 2138, which deals with RADIUS itself and contains all

Reprinted with permission from

For more security news visit WindowSecurity.com
Story copyright 2006 WindowSecurity.com. All rights reserved.