November 30, 2006

Radius for you and me

Posted in OSX Software, OSX Technical at 10:10 pm by Michael Sweeney Media

Wireless security is always the elephant in the room when trying to decide to use wireless or not. At the minimum, you need to use WEP (Wireless Encryption Protocol) but that is easily cracked nowdays. A better solution is to use something like RADIUS in conjunction with WEP. There are other technologies like PEAP but for the small office and home user, they are not very practical or even available in the cheaper access points and cards. RADIUS on the other hand is very well supported even by consumer equipment like the Apple Airport access point. There are more than a few RADIUS servers you can buy but I found a semi-free GUI interface for RADIUS (free to use at basic level, twenty bucks for all features) called StellarRADIUS which in turn is built on using the FreeRADIUS server compiled for OSX. I installed FreeRADIUS from Stellar and then installed their GUI. I reset one of my Airports to use the RADIUS server for the authentication by simply using the MAC address as both the host and the password. In the real world, the password should be different so even if the MAC is spoof, the bad guy does not have the password because it’s encrypted.

Here is the basic StellarRADIUS screen.

freeradius-osx-resize.png

A very simple and clean interface. And it even works 🙂

Advertisements

1 Comment »

  1. Mike,

    is there a particular reason why you prefer RADIUS over WPA2, which Mac OS X supports right out of the box, and which is known to be reasonably safe? What are the benefits you get in return for the “hassle” of installing additional software?

    GreetinX,

    Jochen.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: