Hello,
When using a radius server to proxy realms to different servers, you of course need a trusted relationship between the servers. (That's why there is a shared secret.) But what if one of the radius-servers is hacked or abused in any way: it looks to me that that single radius server is then capable of doing an attack on the whole Radius-infrastructure. You can just do a dictionary attack on a user you know about in a different network, through the proxy.
Is this true? Is it possible to prevent this kind of attack on the proxy-ing radius server? Is the best solution to prevent any proxy-depth in the proxy-ing server by e.g. not proxy-ing subrealms but just realms?
Have you tried sending a request to a FreeRADIUS proxy from a server that is listed only in the 'proxy.conf' file?
Please run this test before proclaiming that it is vulnerable in this manner.
Other servers that make no distinction between 'clients' (which are allowed to *send* requests) and 'proxy' (which are allowed to *reply* to requests) may be vulnerable in the manner you mention, however.
-Chris
--
Chris Parker, Director, Engineering
StarNet Inc. - http://www.starnetwx.net - (847) 963-0116
WX *is* Wireless!
Wholesale Internet Services - http://www.megapop.net
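
The clients/proxy distinction described in the reply above, as a simplified model (an added example, not part of the original thread and not FreeRADIUS code). The class, addresses and return strings are constructed for illustration, and verification of the shared secret is left out.

```python
import ipaddress

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RADIUS packet codes (RFC 2865)

class ProxyModel:
    """Toy model of a proxy that keeps senders and repliers in separate lists."""

    def __init__(self, clients, home_servers):
        # clients: networks allowed to SEND requests (the 'clients' role)
        self.clients = [ipaddress.ip_network(c) for c in clients]
        # home_servers: (ip, port) pairs allowed only to REPLY (the 'proxy' role)
        self.home_servers = set(home_servers)
        self.pending = set()  # (home_ip, home_port, packet_id) awaiting a reply

    def forward(self, home, packet_id):
        """Remember a request this proxy itself sent to a home server."""
        if home not in self.home_servers:
            raise ValueError("not a configured home server")
        self.pending.add((home[0], home[1], packet_id))

    def receive(self, src_ip, src_port, code, packet_id):
        """Decide what to do with an incoming packet."""
        if code == ACCESS_REQUEST:
            addr = ipaddress.ip_address(src_ip)
            if any(addr in net for net in self.clients):
                return "process request"
            return "drop: sender is not a client"
        if code in (ACCESS_ACCEPT, ACCESS_REJECT):
            key = (src_ip, src_port, packet_id)
            if key in self.pending:
                self.pending.discard(key)
                return "relay reply"
            return "drop: unsolicited reply"
        return "drop: unsupported code"

def demo():
    # Constructed sample data (documentation address ranges).
    home = ("198.51.100.10", 1812)
    proxy = ProxyModel(clients=["192.0.2.0/24"], home_servers=[home])
    results = [proxy.receive("192.0.2.7", 40000, ACCESS_REQUEST, 1)]
    proxy.forward(home, 1)
    results.append(proxy.receive(*home, ACCESS_ACCEPT, 1))
    # The home server tries to originate a request through the proxy.
    results.append(proxy.receive("198.51.100.10", 40001, ACCESS_REQUEST, 9))
    # A reply that matches nothing the proxy sent.
    results.append(proxy.receive(*home, ACCESS_REJECT, 9))
    return results

if __name__ == "__main__":
    for line in demo():
        print(line)
```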
