RADIUS Server Test Suite Data Sheet
Test Suite: RADIUS Server Test Suite
Direction: Server

RADIUS is a protocol for authenticating users and is widely used on the modern Internet. Because the proper functioning of RADIUS is vital to modern infrastructure and society, the dependability of RADIUS implementations must be verified. This test suite can be used to test RADIUS server implementations for security flaws and robustness problems.

Used specifications

| Specification | Title |
|---|---|
| RFC2865 | Remote Authentication Dial In User Service (RADIUS) |
| RFC2866 | RADIUS Accounting |
| RFC2867 | RADIUS Accounting Modifications for Tunnel Protocol Support |
| RFC2868 | RADIUS Attributes for Tunnel Protocol Support |
| RFC2869 | RADIUS Extensions |
| RFC2548 | Microsoft Vendor-specific RADIUS Attributes |
| RFC3162 | RADIUS and IPv6 |
| RFC3748 | Extensible Authentication Protocol (EAP) |
| RFC4679 | DSL Forum Vendor-Specific RADIUS Attributes |
| RFC5216 | The EAP-TLS Authentication Protocol |
| RFC2246 | The TLS Protocol Version 1.0 |
| RFC4346 | The TLS Protocol Version 1.1 |

Tool-specific information

| Tested messages | Notes | Specifications |
|---|---|---|
| Access request | | RFC2865 |
| Accounting request | | RFC2866 |

| Supported protocol features | Specifications | Notes |
|---|---|---|
| Transport over UDP | RFC2865 | |
| EAP-TLS authentication base case with fragmentation. Only RSA key exchange supported. | RFC5216 | |
| TLS1.0/TLS1.1 record layer and handshake protocols needed for EAP-TLS authentication base case as described in RFC4346. Only RSA supported. | RFC2246, RFC4346, RFC5216 | |

| Supported test suite features | Notes |
|---|---|
| X.509 RSA Certificates and Private Keys from file | |

| Supported TLS cipher suites | Specifications | Notes |
|---|---|---|
| TLS_NULL_WITH_NULL_NULL | | |
| TLS_RSA_WITH_NULL_MD5 | | |
| TLS_RSA_WITH_NULL_SHA | | |
| TLS_RSA_WITH_RC4_128_MD5 | | |
| TLS_RSA_WITH_RC4_128_SHA | | |
| TLS_RSA_WITH_DES_CBC_SHA | | |
| TLS_RSA_WITH_3DES_EDE_CBC_SHA | | |
| TLS_RSA_WITH_AES_128_CBC_SHA | | |
| TLS_RSA_WITH_AES_256_CBC_SHA | | |

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI, command-line and remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis