(I'll bite to save Alan the déjà vu) An attacker sets up a captive portal system that looks exactly the same as yours (spoof). Users can't distinguish between the two captive portals, and so some users inevitably enter their credentials into the spoof portal. These credentials can be used by the attacker to gain network access through the authorised portal, or whatever else they're authorised for. josh.
-----Original Message----- From: freeradius-users-bounces+j.howlett=ukerna.ac.uk@lists.freeradi us.org [mailto:freeradius-users-bounces+j.howlett=ukerna.ac.uk@lists. freeradius.org] On Behalf Of Tas Dionisakos Sent: 23 January 2007 21:55 To: FreeRadius users mailing list Subject: Re: a freeradious/wireless solution for a school
Please elaborate on how the system can be circumvented?
Tas.
A.L.M.Buxey@lboro.ac.uk wrote:
Hi,
* Apache * Freeradius * Chillispot * Mysql
though note that captive portals are easy to mitigate/spoof and circumvent
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- ************************************* Tas Dionisakos IT Manager St Mary's College and Newman College The University of Melbourne T: 03 9342 1708 M: 0439 655 565 E: tas@newman.unimelb.edu.au C: (0o (||||)(||||) o0) *************************************
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html