Loadbalancing and failover using different servers
Alan DeKok
aland at deployingradius.com
Fri Jan 14 16:00:20 CET 2011
Juan Perez wrote:
> Let's suppose that I have two servers running the latest and
> shiniest version of FreeRadius and for some reason there is a bug in
> FreeRadius that causes the server to crash when a specially crafted
> RADIUS packet is received.
Hmm... that's hard to do: http://freeradius.org/security.html
Notice anything about 2.x on that page?
> Let's suppose that there is also an attacker
> (a disglunted employee maybe?), who knows about this bug and decides to
> attack my FreeRadius servers, so he starts sending these
> specially crafted packets to each server and since the two servers have
> the same bug, both of them would die upon receiving these packets.
Even if that did happen, you would probably notice.
> If I have two servers from different vendors, I could thus hopefully
> guarantee that at least the horrible server would continue working while
> an attack targeted at FreeRadius is going on. The horrible server
> doesn't need to be necessarily a Cisco ACS, any other horrible server
> would do it (Microsoft IAS, Steel-Belted, etc).
>
> So, does it make sense now or is the idea too stupid to be even considered?
Or, you could believe that maintaining the same configuration in two
completely independent products is a huge PITA, and not worth the effort
of "maybe" avoiding an attack.
The FreeRADIUS source code is regularly scanned with Coverity, LLVM,
and a few others. Nothing has come up in the last 3 years, for 2.x.
Alan DeKok.
More information about the Freeradius-Users
mailing list