public secret and public radius server. Is it secure?

Santiago Balaguer García santiagoawa at hotmail.com
Mon Jun 5 08:54:48 CEST 2006


If you don't want Dynamic address use VPN between your RADIUS server an your 
hotspots.

> >My question is :
> >- What can a malicious user can do with the secret? Can it alter
> >accounting and other things? (chillispot uses chap auth-type)
> >
> >one is spell it out and try rumble it so he forms a new word from it
> >
> >
>Is it a real security problem? I will be using accounting for facturation
>purposes...
>
> >- Is there a way of maintaining a per hotspot secret with dynamic ip
> >addresses?
> >
> >yes. check client and clients.conf relationship
> >
> >
>I did not find. clients.conf entry seems to be ip based.
>How do I setup a NAS without knowing its ip? (and differentiate between
>several of them)
>-
>
>why not implement static IP for APs?
>
>
>--
>No virus found in this outgoing message.
>Checked by AVG Free Edition.
>Version: 7.1.394 / Virus Database: 268.8.1/354 - Release Date: 6/1/2006
>
>
>-
>List info/subscribe/unsubscribe? See 
>http://www.freeradius.org/list/users.html

_________________________________________________________________
Un amor, una aventura, compañía para un viaje. Regístrate gratis en MSN Amor 
& Amistad. http://match.msn.es/match/mt.cfm?pg=channel&tcid=162349




More information about the Freeradius-Users mailing list