BlastRADIUS Resource Hub
Upgrade the World
We fixed BlastRADIUS
All RADIUS vendors have used our vendor guide to upgrade their products. These changes will be added to the RADIUS standards, and mandated as new behavior for all RADIUS implementations.
For everyone else who has questions about the issue, we have a FAQ.
We have developed a comprehensive set of documentation and verification tools which help ISPs, Telcos, and enterprises to protect themselves from the BlastRADIUS vulnerability.
Use our tools to upgrade your systems quickly, efficiently, and with minimal risk.
Free Resources
- Our BlastRADIUS FAQ
- The cryptographic paper describing the attack can be found at http://blastradius.fail
- Our IETF document for updating RADIUS standards to deprecate insecure practices.
- If you are a RADIUS product vendor, download our vendor guide. All vendors have used this guide to update their products.
- The first section of our step-by-step upgrade guide is available for download without any registration.
Our BlastRADIUS product suite
BlastRADIUS upgrade guide and worksheet
This document and accompanying Excel spreadsheet explains exactly which steps to take, and in what order. Even better, it explains why to take these steps, and how to verify that the systems are working correctly at each step. It is vendor neutral, and will help you upgrade RADIUS clients and servers from any vendor.
Don't create "ad hoc" local solutions based on an incomplete understanding of the issue. Instead, follow the guide created by the experts who solved the issue.
It is provided as a "zip" download.
BlastRADIUS Verification tool
Use this to verify that systems have been upgraded by analyzing packet captures, or by testing RADIUS servers directly. It includes the above BlastRADIUS Upgrade Guide and worksheet.
This software runs on Windows, OSX, or Linux.
Verification tool with support
In addition to the verification tool and worksheets, we will also provide 3 months of Q&A support for questions about the vulnerability and using the tools. Some limitations apply.
BlastRADIUS Suite with review
We will provide 6 months of support for the tools and documentation, along with some engineering time to review documents, perform training, etc. Some limitations apply.