a question about the connection to the server

alan buxey A.L.M.Buxey at lboro.ac.uk
Wed Jul 4 21:54:28 CEST 2012


Hi,

> If some machine is in the same subnet as the radiusd and the AP,
> how do I prevent it from sniffing the secret for authentication
> to the server?

because you cant sniff the secret?  the secret is stored on the AP
and the RADIUS server - the RFC will tell you how it is used.

you might be able to sniff the RADIUS traffic if the network has
hubs rather than switches or you do MAC floods etc to get the traffic
to your interface (on a proper network your machine wont see unicast traffic
for another host if you are on the same subnet....)

alan


More information about the Freeradius-Users mailing list