Исходное сообщение
"Атака SSID Confusion, позволяющая подменить сеть Wi-Fi" Отправлено Аноним, 16-Май-24 22:36
У кого есть микротик, те наверное смогут. А так, вот конфиг фрирадиуса: name = radiusd prefix = "" logdir = "/var/log/radius" run_dir = "/var/run/radiusd" libdir = "/usr/lib/freeradius" debug_level = 2 proxy_requests = no raddbdir = "/etc/raddb" certdir = "${raddbdir}/certs" cadir = "${raddbdir}/certs" log {     file = ${logdir}/radiusd.log } security {     user = "radiusd"     group = "radiusd" } modules {   eap {     default_eap_type = tls     tls-config tls-common {       private_key_file = ${certdir}/server.key       private_key_password = <CHANGE-TO-something-not-whatever>       certificate_file = ${certdir}/server.pem       ca_file = ${cadir}/ca.pem       ca_path = ${cadir}       random_file = /dev/urandom       check_crl = no       check_cert_cn = %{User-Name}       cipher_list = "HIGH"       require_client_cert = yes       ecdh_curve = ""       tls_max_version = "1.2"       tls_min_version = "1.2"       # TODO: write OCSP setup HOWTO       #ocsp {       #  enable = yes       #  override_cert_url = yes       #  url = http://127.0.0.1/ocsp/"       #}     }     tls {       tls = "tls-common"     }   }   realm suffix {     format = suffix     delimiter = "@"   } } server default {     listen {         type = auth         ipaddr = *         port = 0         # TODO: configure RadSec with a valid letsencrypt certificate?         #tls {         #    private_key_password = whatever         #    private_key_file = ${certdir}/server.key         #    certificate_file = ${certdir}/server.pem         #    tls_min_version = "1.3"         #    tls_max_version = "1.3"         #    require_client_cert = no         #}     }     authorize {         suffix         eap     }     authenticate {         eap     } } client ap1 {     ipaddr = <ip-address-of-ap>     secret = <some-secret> } # change example.org to domain from your certs CN realm example.org { }

Ваше сообщение
Имя*:
EMail:	Для отправки ответов на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	> У кого есть микротик, те наверное смогут. А так, вот конфиг фрирадиуса: > name = radiusd > prefix = "" > logdir = "/var/log/radius" > run_dir = "/var/run/radiusd" > libdir = "/usr/lib/freeradius" > debug_level = 2 > proxy_requests = no > raddbdir = "/etc/raddb" > certdir = "${raddbdir}/certs" > cadir = "${raddbdir}/certs" > log { > file = ${logdir}/radiusd.log > } > security { > user = "radiusd" > group = "radiusd" > } > modules { > eap { > default_eap_type = tls > tls-config tls-common { > private_key_file = ${certdir}/server.key > private_key_password = <CHANGE-TO-something-not-whatever> > certificate_file = ${certdir}/server.pem > ca_file = ${cadir}/ca.pem > ca_path = ${cadir} > random_file = /dev/urandom > check_crl = no > check_cert_cn = %{User-Name} > cipher_list = "HIGH" > require_client_cert = yes > ecdh_curve = "" > tls_max_version = "1.2" > tls_min_version = "1.2" > # TODO: write OCSP setup HOWTO > #ocsp { > # enable = yes > # override_cert_url = yes > # url = http://127.0.0.1/ocsp/" > #} > } > tls { > tls = "tls-common" > } > } > realm suffix { > format = suffix > delimiter = "@" > } > } > server default { > listen { > type = auth > ipaddr = * > port = 0 > # TODO: configure RadSec > with a valid letsencrypt certificate? > #tls { > # > private_key_password = whatever > # > private_key_file = ${certdir}/server.key > # > certificate_file = ${certdir}/server.pem > # > tls_min_version = "1.3" > # > tls_max_version = "1.3" > # > require_client_cert = no > #} > } > authorize { > suffix > eap > } > authenticate { > eap > } > } > client ap1 { > ipaddr = <ip-address-of-ap> > secret = <some-secret> > } > # change example.org to domain from your certs CN > realm example.org { > }
	Введите код, изображенный на картинке: