|
I just
observed something, but maybe someone can tell me if I'm right or
confused...
I just
noticed that foreign iPass users hitchhiking on our network (aka, "iPass
outbound") are showing up in our Authentication Log, complete with clear text
passwords.
Now, I know
this info is MD5 encrypted between the NAS and Radiator, and then later it's
encrypted between the local outbound iPass server and the central iPass network
via a proprietary iPass protocol. But I guess internal to Radiator it's
inevitable that the passwords be available in clear text? Or maybe it's only
necessary for CHAP, but PAP can store the p/w encrypted so it's NEVER in
cleartext?
Thanks
all,
Dave
|
Title: Message
