Jethro -

On the Web App side we capture who entered the MAC and when along with the 
wireless users ID, device type, and if it's a student or faculty/staff so we 
can age out the students at the end of term. On the RADIUS side, we log auth 
times so we can see the last time they authenticated - which also helps in 
aging out devices.  Since we have the  user IDs. We can email them to tell them 
their MAC auth is going away before we delete/age it out.

BTW - we gave the system a cute name - WiiRAD - to indicate that it 
authenticates game consoles via RADIUS.

 >>-> Stan Brooks - CWNA/CWSP
      Emory University
      University Technology Services
      404.727.0226
AIM/Y!/Twitter: WLANstan
           MSN: wlans...@hotmail.com
    GoogleTalk: wlans...@gmail.com

-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks
Sent: Friday, April 16, 2010 4:46 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Hacking Cisco WLC - macfilters

On Thu, 15 Apr 2010, Brooks, Stan wrote:

> Our system uses Mac-Auth via RADIUS.  We've built a
> custom web app in house that updates the RADIUS auth database so trusted
> people (some of our clean room techs and others) can verify the type of
> device and enter the MAC into the system.

Other than the MAC address, what other sort of data do you store for the
entry?  User?  Time of registration?  Any expiry time for the entry?
Type of device?

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information.  If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Reply via email to