Main Page | See live article | Alphabetical index Radius (Remote Authentication Dial In User Service) is a multi-user SNMP enabled client-server security tool used in computer networks to provide remote user authentication and accounting. The RADIUS software can read several kinds of password databases, and use several kinds of authentication schemes like PAP and CHAP. The client is the entity holding username and password information, while the server is the entity that has access to a database that can validate the mapping between the username and the password. Accounting is built in and can provide text file, unix style and SQL logs. These logs track user's activity. Other schemes can be supported by extending RADIUS. RADIUS is currently (2003) the de-facto standard for remote authentication. It provides : some protection against sniffing an active attack. centralised administration. Authorization is defined by RFC 2865 Accounting services is defined by RFC 2866. External references: http://www.gnu.org/software/radius/radius.html#introduction http://advancedradius.com/on_line_doc/Introduction.htm http://www.untruth.org/~josh/security/radius/radius-auth.html --- (Sample Cisco configuration) http://www.cisco.com/warp/public/480/http-3.html --- (RADIUS implementation for Windows 2000) http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_rap_intro.htm Compare to: TACACS+ and LDAP DIAMETER is the planned(?) IETF replacement for RADIUS. This article is from Wikipedia. All text is available under the terms of the GNU Free Documentation License.