SQL Auth Logging

Alan DeKok aland at deployingradius.com
Tue Jun 3 16:03:57 CEST 2014


Kev Pearce wrote:
> Is it possible to log to an SQL server when an unknown client attempts
> to authenticate against a virtual server and also to log then a good
> client tries but with an incorrect secret?

  No.  It's impossible.  By design.

  Doing that logging means the server could be subject to a DoS attack.

  And very often, it's impossible to tell that the secret is wrong.  You
can guess, but there's no way of knowing for sure.

  Alan DeKok.


More information about the Freeradius-Users mailing list