Ilguiz Latypov <[EMAIL PROTECTED]> wrote: > I agree that promiscuous authentication is not how FreeRadius was supposed > to work. Sorry for not reading the documentation first. I thought that > communication between Radius clients and servers is secure by design. Is > this not always true?
No. The RADIUS protocol has known issues, even if they may not be currently exploitable. In addition, why would you want to expose a key piece of software to any random packet from the internet? Is it *really* that hard to type in the 10-100 client IP addresses? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
