Freeradius vs Security
Sebastian Hagedorn
Hagedorn at uni-koeln.de
Tue Apr 2 15:58:49 CEST 2019
--On 2. April 2019 um 09:44:15 -0400 Alan DeKok <aland at deployingradius.com>
wrote:
>> If a hacker installs an access point with the name of Eduroam, and this
>> access point points to a Freeradius server, it is possible that the
>> malicious person sees all the logins and passwords in the Freeradius
>> logs.
>
> That's not true.
Hm, are you familiar with this paper? My understanding of it is that (some)
badly configured clients are vulnerable.
<https://www.sciencedirect.com/science/article/pii/S0167404817302808>
--
.:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
.:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.
More information about the Freeradius-Users
mailing list