eduroam

Last updated: 
4 months 2 weeks ago
Blog Manager
Log in to request membershipHide blog description
eduroam Service News Follow us on Twitter @eduroamuk - for news, interest, information, photos and fun. Contents - click on item and scroll to bottom of box to read item 15/04/19 - Advisory: EAP-PWD Vulnerability 12/10/18 - Advisory: Injection of Operator-Name attribute by the NRPSs 23/02/18 - eduroam Seminar pre-Networkshop 2018 - FreeRADIUS 4 etc 24/10/17 - Advisory: WPA2 Key Reinstallation Attacks vulnerability, KRACK 14/07/16 - Release of Technical Specification v1.4 10/05/16 - Advisory: Ending of RADIUS Accounting within eduroam(UK) 22/01/15 - eduroam Support Clinic Tues March 1st 14:15-15:30 18/09/15 - Advisory: Impact of change of Certificate Service CA for eduroam Home (IdP) service providers 27/01/15 - eduroam now available at seven hospitals in Cardiff 22/01/15 - eduroam Support Clinic Tues January 27th 10:45-12:00am 23/12/14 - Calling Station Identity 01/12/14 - New DNS Name for eduroam(UK) Support Server 19/12/14 - eduroam Support Clinic Tues January 6th 10:45am 28/11/14 - eduroam Support Clinic Tues December 2nd 10:45am 19/11/14 - Advisory: Microsoft Security Bulletin Affecting NPS and IAS 27/05/14 - eduroam training course June 11-12 Birmingham; Aug 6-7 Aug Bristol 08/04/14 - Advisory: OpenSSL TLS Heartbleed Vulnerability rev 1.1 21/02/14 - Auth Timestamp Feature on eduroam(UK) Support Server 30/10/13 - Release of FreeRADIUS 2.2.2 07/10/13 - Release of FreeRADIUS 3.0.0 17/09/13 - Release of FreeRADIUS 2.2.1 13/06/13 - Release of Technical Specification v1.3 13/06/13 - eduroam training course June 27 Glasgow 23/04/13 - eduroam training courses July 24-25 London 23/04/13 - Chargeable User Identity how-to guide now available in Library 25/03/13 - eduroam training courses May 2-3 Manchester 24/02/13 - Time for a review of your eduroam deployment - Technical Specification v 1.2 Main Changes from v 1.1 30/01/13 - Configuration Assistant Tool (CAT) now available - builds eduroam client installers for user devices 23/01/13 - Advice regarding keeping eduroam credentials secure 09/01/13 - eduroam(UK) Announcement of Change of Name of the Janet Roaming Service to eduroam(UK) 19/11/12 - Uptake of NAPTR record definition in DNS (to enable RadSec DD) is increasing 31/10/12 - eduroam(UK) Support Server Update: Nagios LG and check for NAPTR records 30/10/12 - Cisco ACS 5.4 released: now support Operator-Name 29/10/12 - Unscheduled service outage Friday 26/10/2012 1:02 AM - 9:48 AM 03/10/12 - Advisory: Improving Efficiency of International Authentication through utilisation of RadSec at National Level 11/09/12 - Advisory: FreeRADIUS 2.1.10,11,12 Security

Group administrators:

Recent members:

Advisory: Microsoft Security Bulletin Affecting NPS and IAS

Microsoft Security Bulletin MS14-066 -relevant to NPS and IAS eduroam Deployments

eduroam administrators at all organisations providing eduroam using Microsoft NPS or IAS are advised to be aware that MS14-066 affects eduroam (and any other 802.1X deployment).

Caution! The MS14-066 update will change your server configuration and may break eduroam authentications since it adjusts SChannel behaviour and TLS methods available. Please check your config and deploy onto a test system before production use.  If you experience problems you should contact your Microsoft support provider.

The following URLs provide further information:

http://blogs.cisco.com/security/talos/ms-tuesday-nov-2014

http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx

https://technet.microsoft.com/en-us/library/security/ms14-066.aspx

To get the specific security update go to: https://support.microsoft.com/kb/2992611

Note that whilst your NPS/IAS ORPS server may only be addressable from the UK National RADIUS Proxy Servers (NRPS) which do not pose a threat, it is the *authenticating client* that can send malicious data in the EAP session, not just an attacking RADIUS client. You should therefore apply the security update as soon as possible and remember how important it is in general to patch your servers in a timely fashion.

  • Twitter logo
  • LinkedIn logo
  • Google+ logo
  • Reddit logo
  • StumbleUpon logo
eduroam(UK) Advisory