Bernard Aboba wrote:
> I'm not aware of any publicly available EAP fuzzing
tools. However,
> based on my experience testing EAP peer, server and
authenticator
> implementations, it is quite likely that such a tool
would turn up some
> significant bugs, potentially even ones that would
enable development of
> "EAP malware".
There is already software that exploits publicly disclosed
issues in
EAP implementations.
And while implementing EAP methods for FreeRADIUS, I've
seen client
crashes when the server didn't quite behave as expected.
Alan DeKok.
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|
