[RADIATOR] EAP PEAP Challenges
Ullfig, Roberto Alfredo
rullfig at uic.edu
Tue Apr 19 14:06:38 CDT 2016
Yes, it's crazy. Can I follow a session using this:
cisco-avpair = "audit-session-id=0a01e50b000190dd5711917d"
The session-id here is the same for an entire sequence of challenge-responses?
---
Roberto Ullfig - rullfig at uic.edu
ACCC Research Programmer
-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: Tuesday, April 12, 2016 7:43 PM
To: Ullfig, Roberto Alfredo; Alan Buxey
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] EAP PEAP Challenges
Hello Roberto -
Welcome to the wonderful world of EAP.
Note that EAP is essentially a stateful encrypted TCP tunnel, over RADIUS, over UDP, hence the large number of packets back and forth for a single authentication.
I wonder what substance they were abusing?
regards
Hugh
> On 12 Apr 2016, at 23:58, A.L.M.Buxey at lboro.ac.uk wrote:
>
> Hi,
>> Are all the challenges independent of each other? I can't find anything in
>> the debug log that ties the incoming packets together.
>
> all separate UDP packets - but with a known state - the RADIUS server
> recognises the conversation (up to 256 from each NAS usually....)
>
> with latest patchset for 4.16 you can see more details to help track a
> conversation in debug
>
> alan
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
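One way to test the audit-session-id question against your own debug log, as an added example that is not part of the original thread or of Radiator: group packets by the audit-session-id in each Access-Request and attach each reply through the RADIUS Identifier it echoes. The log layout, the sample packets and the name `follow_sessions` are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed dump; the Code:/Identifier:/attribute layout is an assumed format.
SAMPLE_LOG = """\
Code:       Access-Request
Identifier: 101
    cisco-avpair = "audit-session-id=0a01e50b000190dd5711917d"
Code:       Access-Challenge
Identifier: 101
Code:       Access-Request
Identifier: 102
    cisco-avpair = "audit-session-id=0a01e50b000190dd5711917d"
Code:       Access-Request
Identifier: 7
    cisco-avpair = "audit-session-id=constructed-other-session"
Code:       Access-Accept
Identifier: 102
Code:       Access-Reject
Identifier: 7
"""

CODE_RE = re.compile(r"^Code:\s+(\S+)", re.M)
IDENT_RE = re.compile(r"^Identifier:\s+(\d+)", re.M)
SESSION_RE = re.compile(r'audit-session-id=([^"\s]+)')

def follow_sessions(text):
    """Return {audit-session-id: [(code, identifier), ...]} in log order. Replies
    carry no cisco-avpair, so each inherits the session of the request whose
    RADIUS Identifier it echoes (single-NAS log assumed)."""
    owner = {}                      # Identifier -> session id of latest request
    sessions = defaultdict(list)
    for block in re.split(r"(?m)^(?=Code:)", text):
        code, ident = CODE_RE.search(block), IDENT_RE.search(block)
        if not (code and ident):
            continue                # preamble or unparsable fragment
        code, ident = code.group(1), int(ident.group(1))
        sid = SESSION_RE.search(block)
        if code == "Access-Request":
            sid = sid.group(1) if sid else None
            owner[ident] = sid      # a request without the AV pair clears the slot
        else:
            sid = owner.get(ident)
        if sid:
            sessions[sid].append((code, ident))
    return dict(sessions)

if __name__ == "__main__":
    print(follow_sessions(SAMPLE_LOG))
```

With more than one NAS in the log, key the `owner` table on the NAS address together with the Identifier, since Identifiers are only unique per NAS.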