The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
Color Key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update
Version |
Location |
Description |
Submitted by |
Date submitted |
Printed |
Page 1
3rd paragraph |
"There's one protocol that does this all: the Remote Access Dialin User Service, or
RADIUS" is incorrect.
According to RFC2865, RADIUS is acronym for Remote Authentication Dial In User
Service" therefore the sentence should say "There's one protocol that does this all:
the Remote Authentication Dial In User Service, or RADIUS".
|
Anonymous |
|
Printed |
Page 16
1st paragraph |
Merit & Lucent RADIUS servers are commercial products, not free.
|
Anonymous |
|
Printed |
Page 31
Section on PAP |
The discussion of PAP password hiding mechanism on p31 is not correct. My
understanding is that the Shared Secret and the Request Authenticator are used for
the initial MD5 hashing, not the Shared Secret and the Identifier. Isn't the process
better described as:
Call the shared secret S and the pseudo-random 128-bit Request Authenticator RA.
Break the password into 16-octet chunks p1, p2, etc. with the last one padded at the
end with nulls to a 16-octet boundary. Call the ciphertext blocks c(1), c(2), etc.
We'll need intermediate values b1, b2, etc.
b1 = MD5(S + RA) c(1) = p1 xor b1
b2 = MD5(S + c(1)) c(2) = p2 xor b2
. .
. .
. .
bi = MD5(S + c(i-1)) c(i) = pi xor bi
The String will contain c(1)+c(2)+...+c(i) where + denotes concatenation. On receipt,
the process is reversed to yield the original password. (1) The result of this
calculation is used as the value of the User-Password attribute.
|
Anonymous |
|
Printed |
Page 79
4. entry in Table 5.1 |
The purpose of the --with-gnu-ld flag is mistyped.
Wrong version: "Makes the procedure assume the C compiler uses GNU ID."
Correct version: "Makes the procedure assume the C compiler uses GNU ld."
|
Anonymous |
|
Printed |
Page 85
From web-site |
In chapter 5, rfc 2138 is referenced. To be technically correct, the most current
rfc for authentication is 2865 and for accounting is rfc 2866. Sorry for not
providing a page because I looked at the sample chapter from your web site.
The section where the error was found is located above "Figure 5-1. The NTRadPing 1.2
application window" snap-shot.
"Testing the Initial Setup
Once you have FreeRADIUS running, you need to test the configuration to make sure it
is responding to requests. FreeRADIUS starts up listening, by default, on the port
specified either in the local /etc/services file or in the port directive in
9780596003227d.conf. While RFC 2138..."
|
Anonymous |
|
Printed |
Page 90
1st paragraph |
According to free9780596003227.org, FreeRADIUS should be installd under user=radius, group=radius.
|
Anonymous |
|
Printed |
Page 175
Other Radius Server |
Navis Access is listed as Lucent RADIUS server however, the Lucent RADIUS server is
NavisRadius.
URL - http://www.lucent9780596003227.com/
|
Anonymous |
|
Printed |
Page 175
bottom |
Lucent's RADIUS server has been renamed "VitalAAA" and will be renamed again after the Alcatel
acquisition.
|
Anonymous |
|
Printed |
Page 176
top |
Steel Belted RADIUS (formerly Funk) now owned by Juniper, runs on BOTH Windows and Unix (SPARC)
systems.
Radiator is a commercial implementation of RADIUS.
Bridgewater makes a RADIUS server used by large ISPs that is extremely fast and stable, but not very
flexible. www.bridgewatersystems.com
Cisco makes Cisco Access Control Server which runs RADIUS & TACACS+. Available for Windows, Unix, and
as an appliance.
|
Anonymous |
|