PKI SSL certificate management with OpenSSL
This is a simple howto for manipulating PKI SSL certificates using Openssl.
Linux NAT
This is a short howto for setting up Network Address Translation on a linux system (Debian was used for this howto)
Authorization in Microsoft network security protocols
As you may already know, Microsoft network security protocols rely on Kerberos for authentication. Since authentication and authorization are two coupled functions, it is natural to bind them together in a protocol that does both. Kerberos as specified by the IETF only provides authentication. Application services rely on it only to validate client identities. Kerberos does not offer means to verify whether a client has the right and privileges to perform a certain action. Microsoft has specified an extension to the Kerberos protocol to make it handle authorization as well as authentication. This article provides an overview of this extension and analyzes issues with regards to interoperability and the open-source world.
CVS and Kerberos authentication: Howto
The Concurrent Versioning System CVS ”is an open-source version control system that keeps track of all work and all changes in a set of files, typically the implementation of a software project, and allows several (potentially widely-separated) developers to collaborate.”
CVS users can authenticate to the CVS server using gssapi/Kerberos5. Most linux/BSD distributions, however, do not include CVS binaries with Kerberos5 support. This is a howto for compiling, installing and using cvs with Kerberos authentication.
Wireless handoff delay and its impact on VoIP performance and QoS
In VoIP, audio signal from the emitting source is encoded to numerical data and encapsulated into UDP packets before being sent to the receiving end. Since voice is a real time phenomena, audio data must be processed and played-out in the receiver side in a timely manner. This article discusses the effect of wireless handoff delays on the QoS (Quality of Service) of VoIP sessions.
Cyrus IMAP with GSSAPI Kerberos - Configuration Howto
In a previous article, we discussed how to build a CYRUS IMAP server with GSSAPI/Kerberos support from source. This article is a how-to for configuring cyrus with SASL GSSAPI Kerberos5 authentication.
Capture and Analysis of RADIUS traffic using tshark
Performance evaluation of wireless security systems - Part 4
RADIUS (Remote Authentication Dial In User Service) is a protocol standardized by the IETF for carrying authentication information between an access point and a back-end authentication server. The RADIUS protocol is deployed by most Internet Service Providers and in enterprise wireless networks for managing scalable large networks with large number of subscribers. In this article, we explain how to use the tshark tool to capture authentication traffic between an access point and the RADIUS server. The captured traffic will then be used to get some basic statistics such as number of successful authentications and number of failed authentications.
Cross-compiling wpa_supplicant for windows
This is a howto for compiling the ope-source WPA2 supplicant 'wpa_supplicant' for the Windows OS.
Wireless Security - WPA2 EAP-TLS using wpa_supplicant howto
More and more wireless access networks are adopting WPA2, the latest wireless network security standard. This howto explains how to configure and run a WPA2 supplicant (wpa_supplicant) with EAP-TLS authentication on your wireless network device.
Howto create a FreeBSD wireless router/access point
This is a howto for creating a wireless access point using a FreeBSD computer equipped with a wireless network interface.
Comment