(RADIATOR) NMAP and Radiator

Barrett (Barry) W Clark mgronduty at texoma.net
Wed Mar 10 09:52:14 CST 2004


Hugh, Terry,

Thank you for your input.

Any suggestions on the best way to scan the RADONLINE table with the cron 
job?  Also, what format is the RADONLINE table file in?

Thanks!

bwc

At 03:47 PM 3/4/2004, Hugh Irvine wrote:

>Hello Terry, Hello Barry -
>
>As Terry says, you need to be careful to decouple the Radiator processing 
>from anything else so you don't impact performance.
>
>I could easily imagine a simple cron job that would periodically scan the 
>RADONLINE table and run NMAP on any new sessions.
>
>regards
>
>Hugh
>
>
>On 5 Mar 2004, at 07:10, Terry Simons wrote:
>
>>Hmm... Just a thought.
>>
>>You could use a post auth script to touch a file with the IP (or 
>>whatever) of a machine that needs to be scanned, and you could poll the 
>>file (every minute or whatever) for new users to be scanned... OR
>>you could have a program like swatch watch the file for you, and kick off 
>>an appropriate command to do your work for you.  Swatch has the ability 
>>to watch a file for a regular expression pattern, and it can kick off 
>>scripts with parameters from the expression you are looking for (so it 
>>would be a cakewalk to have it just pass the correct information to NMAP)
>>
>>Swatch is pretty neat... I think it would work well for something like 
>>this.  It's perl based, and it's not too hard to set up.
>>
>>http://swatch.sourceforge.net/
>>
>>Good luck!
>>
>>- Terry
>>
>>On Mar 4, 2004, at 11:55 AM, Barrett (Barry) W Clark wrote:
>>
>>>Hello,
>>>
>>>Is it possible to set it up so that radiator will spawn a task to run 
>>>NMAP to scan the machine associated with the
>>>connection just made.
>>>
>>>(i.e...After connecting, NMAP runs on the Framed-IP-Address of the 
>>>connection.)
>>>
>>>If so, How?
>>>
>>>Thanks!
>>>
>>>Barrett (Barry) W. Clark
>>>
>>>
>>>--
>>>Archive at http://www.open.com.au/archives/radiator/
>>>Announcements on radiator-announce at open.com.au
>>>To unsubscribe, email 'majordomo at open.com.au' with
>>>'unsubscribe radiator' in the body of the message.
>>
>>--
>>Archive at http://www.open.com.au/archives/radiator/
>>Announcements on radiator-announce at open.com.au
>>To unsubscribe, email 'majordomo at open.com.au' with
>>'unsubscribe radiator' in the body of the message.
>>
>
>NB: have you included a copy of your configuration file (no secrets),
>together with a trace 4 debug showing what is happening?
>
>--
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>-
>Nets: internetwork inventory and management - graphical, extensible,
>flexible with hardware, software, platform and database independence.
>-
>CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>--
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list