Hi
I'd like to make a public hotspot management system with chillispot and
freeradius.
I saw in the freeradius source that the NAS are identified from the ip
address, and the secret is determined from it.
My problem is that there can be hotspots on dynamic ip addresses.
The solution I found actually is to have an unique secret shared with
all hotspots.
So the secret is known by everybody.
My question is :
- What can a malicious user can do with the secret? Can it alter
accounting and other things? (chillispot uses chap auth-type)
- Is there a way of maintaining a per hotspot secret with dynamic ip
addresses?
Regards
Sophana
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
