Comment RADIUS and DHCP problems for the FBI (Score 1) 139
As several people have mentioned, the capture of RADIUS and DHCP is to allow an association of a targeted user with an ip address, but how generally useful is that? The largest ISPs that do use RADIUS do not use a Framed-IP-Address to assign an ip. Several others use proprietary or legacy protocols such as TACACS,TACACS+, or ACP.
To "prove" that the RADIUS packet is from the ISP's dial network (RADIUS is UDP and easily spoofed - requiring an authenticator) they will need to have the shared secret, so the FBI can collect passwords if they really feel like it. Unless they believe they can trust a UDP packet claiming to be from the ISPs dial network, in which case they have my pity.
I've never bothered to look into spoofing DHCP but I imagine most ISP dial networks are going to be configured for convience rather than security.
Does anyone have any idea how much assistance the FBI is requiring form ISPs on this?
