Hello Fernanado -
At 13:32 +0100 01/2/22, Fernando Martin wrote:
>Hi all,
>
>I need to authenticate users by Radiator but if it is possible detect de
>user MAC and check it agains a database user-->MAC, and if it is equal then
>user will OK.
>I know that directly MAC address is not sent by user, so is it possible to
>execute an external program after check user/pass ( like netstat IP -a ,
>check the User-->MAC, return a code OK , NOK) and then see if user will OK
>and give the IP...?
>Has anyone any idea about how to do that?
>A you can see this MAC authentication is very good to do a Token
>authentication.
>Let me know your opinion.
If you are refering to dialup users, there will not be any MAC
address to check because PPP does not use MAC addresses and the PC in
any case may not even have a LAN card. If you are refering to ADSL or
similar that is using PPPoE (PPP over ethernet), you may or may not
get anything useful in the Access-Request.
BTW - in general terms MAC addresses can be spooofed just as easily
as IP addresses, and users are just as likely to change PC's or LAN
cards anyway, so trying to use MAC addresses for security is not a
good idea.
hth
Hugh
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
