On Wed, May 15, 2002 at 08:58:17AM -0500, Chris Parker wrote: >At 03:18 PM 5/15/2002 +1000, Andrew Tait wrote: >>http://www.untruth.org/~josh/security/radius/radius-auth.html >> >>For those interested in finding out how easy. > >All predicated on the assumption that the attacker has access to the >network traffic between the client ( NAS ) and the radius server. Like >I said before, if an attacker has access to your network in such a manner >there are *lot* of interesting things they can do, cracking radius is >just one of them. :)
The attacker doesn't necessarily have to have access to your net if say the radius traffic originates from a dialup wholesaler like megapop. Anybody making NAS boxes that support IPSec tunnelling? Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``Anyone who thinks Microsoft never does anything truly innovative isn't paying attention to the part of the company that pushes the state of its art: Microsoft's legal department.'' --Ed Foster, InfoWorld Gripe Line columnist - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
