Accounting Packets and Anonymous Identity
Selahattin Cilek
selahattin_cilek at hotmail.com
Sat Feb 4 21:39:12 CET 2017
I have been checking the traffic between NASes and FreeRADIUS (2.2.9)
and I have come across accounting packets with the User-Name field set
to "anonymous."
Sun Nov 13 02:41:50 2016
Acct-Session-Id = "57B6F41F-000014D2"
Acct-Status-Type = Start
Acct-Authentic = RADIUS
User-Name = "anonymous"
NAS-Identifier = "KAT_8_MERDIVEN"
Called-Station-Id = "DC-9F-DB-34-CF-B4:TDV.NET"
NAS-Port-Type = Wireless-802.11
NAS-Port = 0
Calling-Station-Id = "F8-16-54-1E-AB-2C"
Connect-Info = "CONNECT 0Mbps 802.11b"
Acct-Session-Id = "57B6F41F-000014D2"
NAS-IP-Address = 192.168.0.38
FreeRADIUS-Acct-Session-Start-Time = "Nov 13 2016 02:41:50 EET"
Acct-Unique-Session-Id = "6c4322c41296866a"
Timestamp = 1478997710
1. This server does not use MySQL and keeps the accounting data in plain
text files. If I were using MySQL as the back-end, would I still see the
user's name as "anonymous" in the "radacct.username" field?
2. Is it possible to find the true identity of the user by means of
reading some files or an SQL query and using the other data provided in
the packet such as Acct-Session-Id, Calling-Station-Id or
Acct-Unique-Session-Id etc?
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the Freeradius-Users
mailing list