✕
Synopsys Software Integrity Group is now operating as Black Duck Software, Inc., a subsidiary of Synopsys. Click to learn more.
Sorry, not available in this language yet
English
日本語
简体中文
TACACS+ Server Test Suite Data Sheet
Test Suite:
TACACS+ Server Test Suite
Direction:
Server
TACACS+ provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services (AAA). Since robust AAA is vital for the smooth functioning of society, the dependability of TACACS+ implementations must be verified. This test suite can be used to test TACACS+ Server implementations for security flaws and robustness problems.
Used specifications
Specification
Title
Notes
draft-grant-tacacs-02
The TACACS+ Protocol
Obsoletes RFC1492
Tool-specific information
Tested messages
Specifications
Notes
Authentication START
draft-grant-tacacs-02
Authentication CONTINUE
draft-grant-tacacs-02
Authorization REQUEST
draft-grant-tacacs-02
Accounting REQUEST
draft-grant-tacacs-02
Supported protocol features
Specifications
Notes
Transport over TCP
draft-grant-tacacs-02
TACACS+ encryption
draft-grant-tacacs-02
TACACS+ encryption scheme is based on MD5 and was considered insecure already in 2000. The 'main security feature' is a shared key and a 4-octet session ID field that could be random, but is not mandatory to be.