alan's book, or anything new on the horizon

Alan DeKok aland at deployingradius.com
Wed Jan 16 14:16:10 CET 2008


orion wrote:
> Alan, can we have the TOC of the book?

  It's still in development, and I'm re-arranging it occasionally.  At a
high level:

Introduction

Concepts
  Participants and their roles
    User Devices
    NAS
    RADIUS Servers
    Databases
  AAA Overview
    Authentication
    Authorization
    Accounting
    Auditing
  Conversations
    Protocol overview
    Message contents
  Dictionaries
  Security

Participants in more detail
  User devices
  NAS
  RADIUS Servers
  Databases

Authentication
  The basics
    PAP
    CHAP
    MS-CHAP
    Digest
  Managing passwords
    hashes & protocol compatibility
  EAP
    EAP-GTC
    EAP-MD5
    EAP-MSCHAPv2
    LEAP
    EAP and password storage
  EAP-TLS Methods
    EAP-TLS
    Microsoft Windows requirements
    PEAP
    EAP-TTLS
  Wireless and wired security with EAP
  Other authentication protocols

Authorizations
  Principles for policy creating
    Logging
    Role-based authorization
    Policy maintenance
    Chained policies
  Examples

Accounting
  Interaction with authorization
  Generation of data
  Logging of data
  Relaying of packets
  Simultaneous-Use

RADIUS Server implementations
  ACS
  OAS
  Juniper
  OCS Radiator
  FreeRADIUS
  Others
  Recommendations

-----  And now we get into FreeRADIUS-specific text. :)

Basic deployments
  Installing FreeRADIUS
  Configuration files
    radiusd.conf
    clients.conf
    proxy.conf
    virtual servers
  Starting the server
    Debugging
  Tracking configuration changes
  Test methodology

radiusd.conf
  Layout
  Processing of requests
    authentication
    accounting
    proxying
  Modules
    Multiple instances of a module
    Redundant and load-balanced modules
    simple flow control

"unlang"
  Introduction
  Interaction with modules
  Examples

"clients.conf"

proxy.conf

virtual servers

"users" file
  format
  sample entries

Dictionaries
  ATTRIBUTE definitions
  VALUE definitions
  VENDOR definitions
  Loading other dictionary files
  Creating a dictionary file
    Special considerations

Debugging a deployment
  Tools
  Test methods and procedures
  EAP testing with eapol_test

Databases
  LDAP
    Active Directory considerations
  SQL
    MySQL
    PostgreSQL

Common deployment issues
  Windows
  AP implementations
  RADIUS Servers
  LDAP Servers

Security
  Network security
  Physical security
  Configuration security
  Methods for policy creation

RADIUS protocol reference
  Attributes
    Data types
    VSAs
  Packet types

Module overview
  rlm_chap
  rlm_digest
  ...


  If you've read this far, I'm impressed.  With each topic on a single
line like that, it starts to look silly after a while.

  The intent, though, is to be the *definitive* reference for not only
FreeRADIUS, but also for the protocol, and common use cases.  Where
other books say things like "Access-Request packets contain requests for
access", this one says that, and more.  Like common problems people see,
common mistakes vendors make, common misunderstandings and how to
correct them, and how to work around various issues in practice.

  I'm going to try to keep it under 400 pages, but I do think there's
enough material to make 400 pages.

  Alan DeKok.



More information about the Freeradius-Users mailing list