FreeRADIUS 0.3 how to support Oracle 8i for Linux

2001-12-22 Thread Rubby 

Hi,all,
I am a user of FreeRADIUS ,I downloaded FreeRADIUS 0.3 and intalled it under
RedHat 7.2 successfully. I also installed Oracle 8i(8.1.7) server and client  for 
Linux successfully under the same PC.
I want the FreeRADIUS support Oracle SQL authentication,and how can I do?
I know the fils (RADDB=/usr/local/etc/raddb) $RADDB/radiusd.conf,$RADDB/sql.conf must 
be configured,I want to know the details.
As I sayed above,my system is RedHat7.2+Oracle 8i(8.1.7)+FreeRADIUS 0.3,
when I finished configuring the files in $RADDB,how to provide the interface to Oracle 
8i 
server? I think maybe appoint the directory of Oracle 8i library,right?
Can anyone tell me the all details I should do?
Thanks a lot.

.+-Šwèþ˛±ÊâmïîžË›±Êâmäžzm§ÿðÃëyêÚv+¬¢¸?–+-þë®Èmš

Paranoid Configuration

2001-12-22 Thread Gary Barnden 

Hello all,

If one was really paranoid, how would one secure the communication between 
a radius client and a server?

Thanks in advance

Gary


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Paranoid Configuration

2001-12-22 Thread Vincent_Giovannone 

If you're paranoid, disconnect the machines' (client  server) primary interface from the internet. (Can't hack something you can't get to!)

If you're really paranoid? Install second NIC in both the server and the client, run a crossover cable between the two, and use a private IP address space.

If that's not good enough, write scripts on both the server and the client that changes the radius key once and hour and re-starts the freeradius daemon. (Suggestion would be something like a securID rotating key. Then again, there are other radius daemons that support Security Dynamics' products directly, so might want to switch to one of them.)

If THAT'S not good enough, have only one user machine, one radius client machine, and one radius server and put them all in the same white room with no external links whatsoever. Basically, go Mission Impossible on them; have everyone who needs to get to the information strip searched on entry and exit. Use multiple biometrics and passphrase challenges on entry and exit. Armed guards at the door. You know, the whole nine yards.

So how paranoid ARE you, anyway? :)

Vincent Giovannone
Network Infrastructure Group
Information Services Division
Rush - Presbyterian St. Luke's Medical Center

Monday is the term used to signify the eighth day of my work week.








Gary Barnden [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
12/22/01 06:48 AM
Please respond to freeradius-users


To:[EMAIL PROTECTED]
cc:
Subject:Paranoid Configuration


Hello all,

If one was really paranoid, how would one secure the communication between 
a radius client and a server?

Thanks in advance

Gary


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Paranoid Configuration

2001-12-22 Thread aland 

Gary Barnden [EMAIL PROTECTED] wrote:
 If one was really paranoid, how would one secure the communication between 
 a radius client and a server?

  Put them on a physically secure link.

  Other than that, the RADIUS protocol was designed to be secure
against attackers, so some poeple even send radius packets over the
big bad internet.  Although that really isn't recommended.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html