Well-Maintained and Secured Servers
Green Rocket Security understands that GreenRADIUS servers are to be deployed into exposed environments. This means the servers must be hardened against potential attacks. As a security vendor, Green Rocket Security continually monitors both vulnerability reports and the latest techniques in system hardening, providing updates to our customers to ensure their systems are as secure as possible.
GreenRADIUS uses the following ports for administration of the system and for authentication attempts:
ssh for remote administration
Access to the web admin interface over SSL
PORT: 1812 UDP
for Windows Logon and mobile app deployments
Note that when LDAP or LDAPS is configured, only the specifically configured port is needed: port
389 for LDAP and port 636 for LDAPS.
To minimize the potential for access to GreenRADIUS through ssh, OpenSSH is configured by default to only accept connections from the local network. This can be updated to meet customer needs, but a “secure by default” configuration is provided.
The following services make up the functionality of GreenRADIUS:
- Apache - Web server for administration
- FreeRADIUS - RADIUS Server
- PostgreSQL - Database for the server
- OpenLDAP - Local LDAP server (if needed)
- Webmin & miniserv - Webmin server for management
- OpenSSH - ssh server
GreenRADIUS 2FA Administrator Authentication
GreenRADIUS fully supports using 2FA for admin access to its services, both to the web interface and command line.