Remote Authentication Dial-In User Service (RADIUS): ports 1812, 1813

Security Weaknesses:

  • Vulnerable to shared secret theft or weak secret configurations.

  • Susceptible to replay attacks and credential interception.

  • Limited protection against MITM without additional encryption layers.

Security Defense and Mitigation Measures:

  • Use strong shared secrets and enforce IP-based restrictions.

  • Implement RADIUS over TLS (RadSec) for enhanced encryption.

  • Regularly audit RADIUS configurations and server logs.

Indicators of Compromise or Attack:

  • Repeated authentication failures from specific endpoints.

  • Unexpected access logs or unauthorized authentications.

  • Anomalous traffic patterns to/from RADIUS servers.
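
One way to check for the first two indicators above, as an added example that is not part of the original page: a sliding-window count of failed logins per endpoint, which also flags a successful login that directly follows a burst. The log format (modelled on FreeRADIUS radius.log auth lines), the sample lines, the threshold and the window are all assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines modelled on FreeRADIUS radius.log auth entries.
# The exact format is an assumption; adjust LINE_RE to match your server.
SAMPLE_LOG = """\
Tue Mar  5 10:15:01 2024 : Auth: (11) Login incorrect: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:15:09 2024 : Auth: (12) Login incorrect: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:15:17 2024 : Auth: (13) Login incorrect: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:15:25 2024 : Auth: (14) Login incorrect: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:15:33 2024 : Auth: (15) Login incorrect: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:15:41 2024 : Auth: (16) Login OK: [alice] (from client ap-lobby port 3 cli AA-BB-CC-00-00-01)
Tue Mar  5 10:16:02 2024 : Auth: (17) Login incorrect: [bob] (from client ap-floor2 port 7 cli AA-BB-CC-00-00-02)
Tue Mar  5 10:16:20 2024 : Auth: (18) Login OK: [bob] (from client ap-floor2 port 7 cli AA-BB-CC-00-00-02)
Tue Mar  5 10:20:00 2024 : Auth: (19) Login incorrect: [carol] (from client vpn-gw port 0)
Tue Mar  5 10:31:00 2024 : Auth: (20) Login incorrect: [carol] (from client vpn-gw port 0)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) : Auth: \(\d+\) "
    r"Login (?P<result>OK|incorrect)[^\[]*\[(?P<user>[^\]]*)\] "
    r"\(from client (?P<client>\S+) port \d+(?: cli (?P<cli>[^)\s]+))?\)"
)

def detect_bursts(lines, threshold=5, window=timedelta(minutes=2)):
    """Alert when an endpoint hits `threshold` failures inside `window`,
    and when a Login OK arrives while that endpoint is still over threshold."""
    recent = defaultdict(deque)  # (client, calling station) -> failure times
    alerts = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an auth result line
        ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
        key = (m["client"], m["cli"] or "-")
        q = recent[key]
        while q and ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if m["result"] == "incorrect":
            q.append(ts)
            if len(q) == threshold:  # fire once per burst, not per failure
                alerts.append(("failure_burst", key, m["user"], ts))
        elif len(q) >= threshold:
            alerts.append(("success_after_burst", key, m["user"], ts))
            q.clear()
    return alerts

if __name__ == "__main__":
    print(*detect_bursts(SAMPLE_LOG.splitlines()), sep="\n")
```

A single mistyped password followed by a success (bob) and failures spread far apart (carol) stay below the threshold and raise nothing.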
