On Wed, Sep 11, 2002 at 12:21:55AM +1000, Brett Maxfield wrote: > Hello, > > I am looking for a copy of radkill or something similar. I have read the > FAQ and the site listed does not work (the name resolves, but there is > no route to host) > > What i would like is to have a daemon periodically query the freeradius > server and re-authorise online users, and if authorisation fails, kick > off each user that fails re-authentication. > > Does anybody know of another ftp location (or an alternative program) ?
I don't, but I'm replying anyway because this is most interesting. I was just discussing with someone about how the Class attribute might be incorrect in ppp when doing multiple authentications, but dropped that as an academic point. Your timing is amazing. (ppp can rechallenge the user when doing chap; which I assume is what you are going for here--I can't think of another scenario where you re-authorise users) Note that this is a well known broken part of ppp, for active attackers. An active attacker can login as a user who is currently online by using them as an oracle. For dialup, it's probably a non-issue. You may also come across broken ppp's that don't respond to subsequent chap challenges. The attack does not work if using MPPE since the key will still be unknown. An active attacker can usually get around that via other means though. /fc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
