On Thursday 28 August 2003 9:43 pm, Evren Yurtesen wrote: > No, modifying sources wouldnt do any good, because when you use chap the > password is not transmitted over the line. Thus there is no way for > freeradius to know what password the client entered.
yes and no -- while the password itself isn't necessarilly transmitted, the radius server is ultimately able to determine "it was good" or "it was bad"; for the case of "good", the server ALREADY KNOWS the password [be it from the file or a database record] so logging a known value at that point should be trivial... -- Yet another Blog: http://osnut.homelinux.net
pgp00000.pgp
Description: signature
