Design strategies for preventing fraudulent logins across multiple sites
Network RADIUS
marketing at networkradius.com
Wed Nov 24 14:33:09 CET 2021
** Preventing fraudulent logins across multiple sites
---------------------------------------
When an ISP has RADIUS servers across multiple sites, new attacks are possible. Users can share account information with their friends, who can then log in separately to each site. If the RADIUS system design does not take this problem into account, users can defraud the ISP of significant revenue.
One solution is to post-process the user sessions. The system can check hourly, or daily, if the same user is logged in at multiple sites. If the user is found to have multiple logins, they can be kicked offline, blocked, or even banned from the network. This solution works, but is not always the best one for every situation.
Another solution is to not only track user sessions at each site, but to do cross-site checks for user logins. In this approach, each site will dynamically check every other site when a user logs in. As one might expect, there are costs and benefits to this approach. This article describes why this approach may be useful, how it is done, and what are the pros and cons.
Read the full article…
https://networkradius.com/articles/2021/02/10/preventing-fraudulent-logins-across-multiple-sites.html <https://networkradius.com/articles/2021/02/10/preventing-fraudulent-logins-across-multiple-sites.html>
** Sign up to get this content directly
---------------------------------------------
Want to get these articles in all their HTML glory?
Sign up here: http://eepurl.com/hwuWrn <http://eepurl.com/hwuWrn>
** Need RADIUS help?
---------------------------------------------
Get commercial support from the team behind FreeRADIUS.
https://networkradius.com/request/ <https://networkradius.com/request/>
** What is the relationship between Network RADIUS and FreeRADIUS?
----------------------------------------------
FreeRADIUS is an open source implementation of the RADIUS protocol and was written by Alan DeKok in 1999.
Network RADIUS is a private, for-profit company founded by Alan DeKok which provides commercial support for FreeRADIUS. The Network RADIUS team has been the primary contributor to FreeRADIUS for the last 20 years. The FreeRADIUS mailing list, wiki, and documentation are all moderated and maintained by the Network RADIUS team.
FreeRADIUS has always been, and will always continue to be, open source. The Network RADIUS team provides commercial support to paying clients, and free product development for the FreeRADIUS community at large.
All of our software development for FreeRADIUS is integrated into the Open Source platform, and will always continue to be.
More information about the Freeradius-Users
mailing list