On 21/12/2009 09:05, Alexander Clouter wrote:
> Arran Cudbard-Bell wrote:
>
>>>
>>> the real answer is to get the vendors to sort their cheap shoddy kit out ;-)
>>>
>>
>> Ahem *Vendor :P - - Sorry I have to do it or they beat me :(
>>
>>
> dare I ask why you do not use yo
On 21/12/2009 09:15, Alan Buxey wrote:
> Hi,
>
>
>>> yep - but a user could just as easily log in with the user-name of
>>> 00:11:22:33:44:55 ;-)
>>>
>>>
>> Not when you say !EAP-Message too :)
>>
> ...and how does that stop, lets just say for example, some user coming
> along with
Hi,
> > yep - but a user could just as easily log in with the user-name of
> > 00:11:22:33:44:55 ;-)
> >
> Not when you say !EAP-Message too :)
...and how does that stop, lets just say for example, some user coming
along with 802.1X configured on their wired interface and logging it
with 00:11:2
Arran Cudbard-Bell wrote:
>>
>> the real answer is to get the vendors to sort their cheap shoddy kit out ;-)
>
> Ahem *Vendor :P - - Sorry I have to do it or they beat me :(
>
dare I ask why you do not use you new 'formal' email address? ;)
Cheers
--
Alexander Clouter
.sigmonster sa
Alan Buxey wrote:
>
>> 'cheese112233xxyyzzTASTY' would even match that :)
>
> yep - but a user could just as easily log in with the user-name of
> 00:11:22:33:44:55 ;-)
>
Not when you say !EAP-Message too :)
> thats why some decent stuff needs to be done elsewhereI dont
> like Mac auth byp
On 20/12/2009 22:44, Alan Buxey wrote:
> Hi,
>
>
>> some would say that is a controversial MAC address regexp, but I
>> guess you just do things differently 'up north' eh? :)
>>
> hey, it was a quick hackup example to deal with the question.
>
>
>> 'cheese112233xxyyzzTASTY' would e
Hi,
> some would say that is a controversial MAC address regexp, but I
> guess you just do things differently 'up north' eh? :)
hey, it was a quick hackup example to deal with the question.
> 'cheese112233xxyyzzTASTY' would even match that :)
yep - but a user could just as easily log in w
Alan Buxey wrote:
>
>> If I use AD or SQL, can I write a script to accomplish the logic I need so I
>> don't have to type in each individual MAC as UN/PW in the database? It still
>> sounds like I need to (for example in AD) manully input each of them in the
>> database. Can you please give me
Hi,
> If I use AD or SQL, can I write a script to accomplish the logic I need so I
> don't have to type in each individual MAC as UN/PW in the database? It still
> sounds like I need to (for example in AD) manully input each of them in the
> database. Can you please give me details about how to
lists.freeradius.org on
behalf of Alan Buxey
Sent: Sat 12/19/2009 2:34 AM
To: FreeRadius users mailing list
Subject: Re: MAC authentication bypass --- How am I supposed to edit theusers
file to include multiple MAC addresses??
Hi,
> The way how it works is that (I figured it out by runn
10 matches
Mail list logo
