"Robles Rodriguez,Alejandro" <Alejandro.RoblesRodriguez@tre.se> wrote:
I have traced (ethereal) the requests I'm sending and only 256 are actually unique. Thereafter they are repeated over and over throughout the requests provided in the input file. It seems like the IDs are being reused.
Yes, the ID's are being re-used. That's what RADIUS does. But the request authenticators should NOT be re-used. I don't see that happening in my tests.
I agree there it's were the "vector" is set (by invoking the MD5 library) however, I don't see where that "vector" is made random for every request.
Because it's changed for every new request.
Again I might be mistaken but the end result is what I described above, that the same request ID gets the exact same Authenticator value.
And the vector generation doesn't depend on the ID, so I don't see how it gets the same authenticator. And in any case, it shouldn't be happening. Alan DeKok.